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This paper explores the connection between semantic equivalences and preorders for concrete 
sequential processes, represented by means of labelled transition systems, and formats of tran- 
sition system specifications using Plotkin's structural approach. For several preorders in the 
linear time - branching time spectrum a format is given, as general as possible, such that this 
preorder is a precongruence for all operators specifiable in that format. The formats are derived 
using the modal characterizations of the corresponding preorders. 
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1 Introduction 

Structural operational semantics [^] provides process algebras and specification languages with an 
interpretation. It generates a (labelled) transition system (LTS), in which states are the closed 
terms over a (single-sorted, first-order) signature, and transitions between states may be supplied 
with labels. The transitions between states are obtained from a transition system specification 
(TSS), this being a signature together with a set of proof rules called transition rules. 

In case of a TSS with only positive premises, the associated LTS simply consists of the tran- 
sitions derivable from the transition rules. In the presence of negative premises it is not always 
straightforward to associate an LTS to a TSS. One can for instance express that a transition holds 



if it does not hold. In van Glabbeek |21| the notion of derivability of transitions from a TSS is ex- 
tended to negated transitions by incorporating a notion of negation as failure (cf. [|l2|): a supported 
proof enables one to derive the negation of a transition by disproving a premise in each substitution 
instance of each transition rule that carries this transition as its conclusion; a well-supported proof 
(inspired by the notion of a well-supported model [0]) features an even more powerful method 
to derive the negation of a transition by demonstrating that that transition can not be derived. 
A TSS is complete |21] if for each transition there is a well-supported proof from the TSS either 
for the transition itself or for its negation. The LTS associated to a complete TSS consists of the 
transitions for which there is a well-supported proof. An incomplete TSS arguably does not specify 
a LTS in a meaningful way at all. However, it specifies what one could call a 3-valued LTS: an 
LTS in which potential transitions are either present, absent or unknown. This approach to the 
meaning of transition system specifications can be seen as a proof-theoretic characterization of the 



*This paper subsumes most of Q and part of |gO|. An extended abstract of our work appeared as [g], except that 
in the current paper we do not include the full abstraction results mentioned there. Those results originated from 
[pot and are planned to appear in a full version of |2o|l . 

^Supported by a grant from The Nuffield Foundation. 
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work of VAN Gelder, Ross &; Schlipf [18| in logic programming. The notion of completeness of 
a TSS also coincides with the notion of being positive after reduction of BOL & Groote [|1C|]. 
LTSs can be distinguished from each other by means of a wide range of semantic equivalences 



and preorders. These preorders are based on the branching structure of LTSs {simulation [33 



ready simulation []9|, bisimulation ||31| , |33(| , nested simulations |2J]), on execution sequences 
(partial traces, completed traces, accepting traces), or on decorated versions of execution sequences 
{ready pairs ||5|, |3^, 37], failure pairs j^, 11, 13 1, ready traces failure traces In [^], van 

Glabbeek classified most equivalences and preorders for concrete, sequential processes^ that occur 
in the literature, and motivated them by means of testing scenarios, phrased in terms of 'button 
pushing experiments' on generative and reactive machines. This gave rise to modal characterizations 
of the preorders, i.e. characterizations in terms of the observations that an experimenter could make 
during a session with a process. 

In general a semantic equivalence (or preorder) induced by a TSS is not a congruence (resp. 
precongruence), i.e. the equivalence class of a term need not be determined by the 

equivalence classes of its arguments ti, . . . ,tn- Being a (pre)congruence is an important property, 
for instance in order to fit the equivalence (or preorder) into an axiomatic framework. Syntactic 
formats for TSSs have been developed with respect to several semantic equivalences and preorders, 
to ensure that such an equivalence or preorder as induced by a TSS in the corresponding format is 
a (pre)congruence. These formats have helped to avoid repetitive (pre) congruence proofs, and to 
explore the limits of sensible TSS definitions. A first congruence format for bisimulation equivalence 
was put forward by DE Simone ||3^, which was extended to the GSOS format by Bloom, Istrail 
& Meyer and to the tyft/tyxt format by Groote k, Vaandrager The tyft/tyxt format 
was extended with negative premises [|lO|, ^ to obtain the ntyft/ntyxt format for complete TSSs. 
The ntyft/ntyxt format also generalizes the GSOS format. The congruence results of ]lO| , p3| , 24 1 
were originally only proved for TSSs satisfying a well-foundedness criterion; in |17] they were shown 
to hold for all complete TSSs in ntyft/ntyxt format. To mention some formats for other equivalences 
and preorders, Vaandrager observed that de Simone's format is a precongruence format for 
the partial trace and the failure preorders. Bloom Q introduced a more general congruence format 
for partial trace equivalence, and Fokkink [15| introduced a precongruence format for the accepting 
trace preorder. Finally, Bloom introduced a congruence format for readiness equivalence, and 
VAN Glabbeek one for ready simulation equivalence. This ready simulation format generalizes 
the GSOS format. 

In this paper precongruence formats are proposed for several semantic preorders based on 
decorated traces, building on results reported in |^ 20|. We introduce precongruence formats for 
the ready trace preorder, the readiness preorder, the failure trace preorder and the failure preorder. 
The precongruence formats for the last two preorders coincide. Following ^ 15, |T^, these three 



precongruence formats distinguish between frozen and liquid arguments of function symbols. This 
distinction is used in posing restrictions on occurrences of variables in transition rules. The ready 
simulation format of |20| is more liberal than the format for the ready trace preorder, which is more 
liberal than the format for the readiness preorder, which is more liberal than the format for the 
failure trace preorder, which in turn is more liberal than de Simone's format. 

The precongruence formats introduced in this paper apply to incomplete TSSs as well. For this 
purpose the definitions of the corresponding preorders are extended to 3- valued LTSs. 



process is sequential if it can do only one action at a time; concrete refers to the absence of internal actions or 
internal choice. 
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We also show that the tyft/tyxt format is adequate for the nested shnulation preorders. 

The precongruence formats put forward in this paper were obtained by a careful study of the 
modal characterizations of the preorders in question. The outline of the proof underlying each of our 
precongruence results is as follows. First, any TSS in our ready simulation format is transformed 
into an equivalent TSS — equivalent in the sense that is proves the same transitions and negated 
transitions — of a special form, in which the left-hand sides of positive premises are single variables. 
For such TSSs we show that the notions of supported and well-supported provability coincide. 
Next, any such TSS is extended with a number of transition rules with negative conclusions, in 
such a way that a (negated) transition has a supported proof from the original TSS if and only 
if it has a standard proof from the extended TSS. In the extended TSS, the left-hand sides of 
positive and negative premises can further be reduced to single variables. It is shown for each 
of the precongruence formats in this paper that its syntactic criteria are preserved under these 
transformations. Finally, the resulting transition rules are used to decompose modal formulas; that 
is, a modal formula ip for an open term t is decomposed into a choice of modal formulas ^l^{x) for 
variables x such that t satisfies if if and only if for one of those ips the variables x in t satisfy 
ip{x). The precongruence format for each preorder under consideration guarantees that if a modal 
formula is within the modal characterization of this preorder, then the same holds for the resulting 
decomposed modal formulas. This implies the desired precongruence result. 

Larsen [pM] and Larsen & XiNXiN obtained compositionality results for the Hennessy- 
Milner logic ||2^ and the ^-calculus |27|, respectively, with respect to action transducers, which 
constitute a reformulation of TSSs in de Simone's format. The technique for decomposing modal 
formulas that is employed in the current paper is firmly related to their approach, but applies to 
the richer ready simulation format. 

This paper is set up as follows. Section % gives definitions of existing semantic preorders, both 
in terms of decorated traces or simulations and of observations. Section 3 presents the basics 
of structural operational semantics, and extends the definitions of most of the preorders to 3- 
valued LTSs. Section 4 recalls the ntyft/ntyxt format and formulates extra requirements to obtain 
new precongruence formats for a range of preorders. In Section 5 it is shown that the syntactic 
restrictions of the respective precongruence formats are preserved under irredundant provability. 
Section 6| explains how well-supported proofs are reduced to standard proofs. In Section 7 it is 
shown that left-hand sides of premises can be reduced to single variables. Section j contains the 
proofs of the precongruence results, based on material in the previous three sections, and using 
the definitions of preorders in terms of observations. In Section £, counterexamples are given to 



show that all syntactic restrictions are essential for the obtained precongruence results. Section 10 
presents some applications of the precongruence formats to TSSs from the literature. In Section 11 
it is argued that our techniques apply to other preorders as well. As an example we show that 
the precongruence format for the failure trace preorder is a congruence format for partial trace 
equivalence, and that the positive variant of this format is a precongruence format for the partial 
trace preorder. In pection T^ , a conservative extension result is established for incomplete TSSs 
in ready simulation format. Finally, Section Ts discusses possible extensions of the congruence 
formats derived in this paper. 
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2 Preorders and equivalences on labelled transition systems 

Definition 1 A labelled transition system (LTS) is a pair (P, — with P a set (of processes) and 
— > C P X A X P for A a set (of actions). 

Notation: Write p q for (p, a, q) G— and p for -iBqi G P : p g. 

The elements of P represent the processes we are interested in, and p — ^ q means that process p 
can evolve into process q while performing the action a. We start with defining six preorders on 
LTSs, which are based on execution sequences of processes. Given an LTS, we write p q, where 
? = ai • • • o„ G ^* for nGlN, if there are processes pq, . . . ,Pn with p=po — ^ Pi — ^ • • • — ^ Pn = q- 

For a process p we define 

initials(p) = {a e A \ 3p' e JP : p p'}. 

Definition 2 Assume an LTS. 

• A sequence G A* is a (partial) trace of process p if p — ^ q for some process q. 

• q e A* is a completed trace of process p if p — ^ q for some process q with initials(g) = 0. 

• A pair (c, X) with ? G A* and X C A is a ready pair of process p if p g for some process q 
with initials(g) = X. 

• A pair {c^, X) with ? G vl* and X C ^ is a failure pair of process p if p — ^ g for some process 
q with initials(g) n X = 0. 

• A sequence XqQiXi ■ ■ • anX^ (with n G IN), where Xi C A and Oj G A for i = 0, . . . , n, is a 
ready trace of process po if Po Pi ■ ■ ■ Pn and initials(pj) = Xi for i = 0, . . . ,n. 

• A sequence XqUiXi ■ ■ ■ a„X„ (with n G IN), where X^ C A and Ui e A for i = 0, . . . ,n, is & 
failure trace of process po if po pi • • • Pn and initials(pj) fl = for i = 0, . . . ,n. 

We write p q, p 9) P Ei? 9; P Q, P Qrt q or p Qft Q if the set of (partial) traces, 
completed traces, ready pairs, failure pairs, ready traces or failure traces of p is included in that of 
q, respectively. Write p QcT Q fo^ P Q /\ P Q] the preorder is used only to define CcT- 

We proceed to define preorders based on simulation of one process by another. 

Definition 3 Assume an LTS. For a binary relation R, let pR~^q iff qRp. 

• A binary relation R on processes is a (1-nested) simulation if whenever pRq and p — ^ p' , then 
there is a transition q q' such that p'Rq' . 

• A simulation J? is a ready simulation if whenever pRq and p then q 

• A simulation R is an n-nested simulation (for n > 2) if R~^ is contained in an (n — l)-nested 

simulation. 

• A bisimulation is a simulation R such that also R~^ is a simulation. 

We write p C„5 q (for n > 1), p ^rs q or p q if there is an n-nested simulation, ready simulation 
or bisimulation R with pRq, respectively. 

Note that is symmetric, so that it constitutes an equivalence relation. In the literature this 
notion of bisimulation equivalence is often denoted by t± . 
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In 1 19 1, VAN Glabbeek observed that if one restricts to the domain of finitely branching, 
concrete, sequential processes, then most semantic preorders found in the literature "that can be 
defined uniformly in terms of action relations" coincide with one of the preorders defined above. 
He motivated these preorders by means of testing scenarios, phrased in terms of 'button pushing 
experiments' on generative and reactive machines. This gave rise to modal characterizations of the 
preorders, characterizations in terms of the observations that an experimenter could make during 
a session with a process. 

Definition 4 Assume an action set A. The set © of potential observations or modal formulas is 
defined inductively by: 

T G ©. The trivial observation, obtained by terminating the session. 

a(/7 G (D if (/5 G © and a £ A. The observation of an action a, followed by the observation (/?. 
a G O for a £ A. The observation that the process cannot perform the action a. 

(pi £ O if G © for all i £ I. The process admits each of the observations ipi. 
-^(f G O if (/3 G ©. (It can be observed that) ip cannot be observed. 

Definition 5 Let (P, — >) be a LTS, labelled over A. The satisfaction relation |= C P x © telling 
which observations are possible for which process is inductively defined by the clauses below. 



p 


1= T 




p 


= a(/9 


if 3(7 : p q f\q\= ip 


p 


= a 




p 


1= Ai6/ '^i 


if p \= ipi for all i G / 


p 


1= 


iip^ ip 



We will use the binary conjunction ipi A ip2 as an abbreviation of Aje{i 2} whereas T is identified 
with the empty conjunction. We identify formulas that are logically equivalent using the laws for 
conjunction T A (/? = (/? and Aie/(AjGJi — AkeK^k where K = {ij \ i £ I A j £ Jj}. This is 
justified because ip = tp implies p \= ip <^ p \= ^p. 



Definition 6 Below, several sublanguages of the set © of observations are defined. 



©T 


95 


:= T 


aip' 


Oct 




:= T 


apJ 


Of 




:= T 


aip' 


Or 




:= T 


aip' 


Oft 




:= T 


aip' 


Ort 




:= T 


aip' 


©15 


"P 


:= T 


aip' 


Ors 


"P 


:= T 


aip' 


OnS 


"P 


:= T 


aip' 



Or 



T 



W e ©t) 
W G Oct) 
{^' £ Of) I 
W e Or) I 
{^' £ Oft) 
W e Ort) 
W e ©is) 



W e OnS 
aip' {ip' £ Ob) 



A 



(partial) trace observations 
completed trace observations 
failure observations 
readiness observations 
Aig/ Oi A if' {if' £ Oft) failure trace observations 

Aie/ '^i ^ f\jeJ ^ 'p' ip' ^ Ort) ready trace observations 

Ai£i Pi (Pi £ ©is) (1-nested) simulation ohservations 

{ip' £ Ors) I a I l\i(ziPi {pi £ Ors) ready simulation observations 

Aie/ Pi (Pi ^ ©ns) I -^P' {P' e ©(„_l)5) 

n-nested simulation observations (for n > 2) 
Atg/ i'Pi £ ©b) I "'V' (v' ^ Ob) bisimulation observations 



For each of these notions N, the set of N -observations of p is On{p) '■= {p^ £ On \p\= p}- 
Theorem 1 For iV G {T, CT , F , R, FT , RT , RS ,nS {n > l),B}, p Qn q iff C'7v(p) ^ 07v(g)- 
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In fact a slight variation of this result will be needed in this paper. 

Definition 7 For N as above, let consist of all formulas (fi with ipi € ©jy. Let 0^{p) := 
{^e(D%\p\= 93}. 

Then clearly On{p) Q ON{q) ^ 0^{p) C 0^{q). In case N £ {RS,nS (n > l),B} there is, up to 
logical equivalence, no difference between ©at and ©^, or between On{p) and Oj^{p). 

Corollary 1 For iV G {T, CT, F , R, FT , RT, RS ,nS (n > p Qn q 0%{p) C 0^{q). 



The following hierarchy follows immediately from the definitions of the respective preorders in 
terms of observations; see [19|. In any LTS, 




where a directed edge from one preorder to another means that the source of the edge is included 
in (i.e. is a finer preorder than) the target. 

For every preorder C^v defined above there exists an associated equivalence =]\f (the kernel of 
C^) given by p =Ar g iff p Etv Q A g Etv P- As is symmetric, one has p =b q q P- 
Obviously p =]y q 0]\f{p) = On{p) iff Oj^{p) = 0^{p). The same inclusion hierarchy given for 
the preorders above applies to their kernels. 



3 Structural operational semantics 

In this paper V and A are two sets of variables and actions. V should be infinite and at least 
at large as A (i.e. \V\ > \A\). Many concepts that will appear later on are parameterized by the 
choice of V and A, but as in this paper this choice is fixed, a corresponding index is suppressed. A 
syntactic object is called closed if it does not contain any variables from V. 

Definition 8 A signature is a collection S oi function symbols f ^ V, with |S| < \V\, equipped 
with a function or : S — > IN. The set ir(S) of terms over a signature S is defined recursively by: 

• y c T(s), 

• if / G S and ti, . . ■ ,tar(f) G "ir(S) then f{ti, . . . ,tar{/)) G """(S). 

A term c() is abbreviated as c. For t £ Tr(S), var{t) denotes the set of variables that occur in t. 
r(S) is the set of closed terms over S, i.e. the terms t G 'n"(S) with var{t) = 0. A T,-substitution a 
is a partial function from V to Tr(S). If o" is a substitution and S is any syntactic object, then (t{S) 
denotes the object obtained from S by replacing, for x in the domain of cr, every occurrence of x 
in S by a{x). In that case (t{S) is called a substitution instance of S. A E-substitution is closed if 
it is a total function from V to r(S). 
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Definition 9 Let S be a signature. A positive Ti-literal is an expression t — ^ t' and a negative 
T, -literal an expression t with t, t' G T(i;) and a £ A. For t, t' G T(S) the hterals t t' and 
t -/^ are said to deny each other. A transition rule over S is an expression of the form with 
H a set of S-hterals (the premises of the rule) and a a S-Iiteral (the conclusion). The left- and 
right-hand side (if any) of a are called the source and the target of the rule, respectively. A rule 
with H = f/> is also written a. A transition system specification (TSS), written (T,,R), consists of 
a signature S and a collection of transition rules over S. A TSS is standard if all its rules have 
positive conclusions, and positive if moreover all premises of its rules are positive. 

The concept of a positive TSS was introduced by Groote &: Vaandrager negative premises 
were added by Groote ||2^. The resulting notion constitutes the first formalisation of Plotkin's 
structural operational semantics [^] that is sufficiently general to cover most of its applications. 
TSSs with negative conclusions are introduced here, because they are needed as intermediate steps 
in our proofs for standard TSSs. 

The following definition tells when a literal is provable from a TSS. It generalises the standard 
definition (see e.g. |24]) by allowing the derivation of transition rules. The derivation of a literal a 



corresponds to the derivation of the transition rule with H = %. The case H corresponds to 
the derivation of a under the assumptions H. 

Definition 10 Let P = (S, R) be a TSS. An irredundant proof of a transition rule from P is a 
well-founded, upwardly branching tree of which the nodes are labelled by S-literals, and some of 
the leaves are marked "hypothesis", such that: 

• the root is labelled by a, 

• H is the set of labels of the hypotheses, and 

• if /? is the label of a node q which is not a hypothesis and K is the set of labels of the nodes 
directly above q, then is a substitution instance of a transition rule in R. 

A proof of — from P is an irredundant proof of — from P with H Q K. If an (irredundant) proof 
of — from P exists, then — is (irredundantly) provable from P, notation P h — (resp. P —). 
We write P h ^ (resp. P h H) for sets of literals K and H if P h ^ (resp. P \- a) for all a G H. 

The main purpose of a TSS (S, R) is to specify a transition relation over S, this being a set of closed 
positive S-literals (transitions). A positive TSS specifies a transition relation in a straightforward 
way as the set of all provable transitions. But as pointed out by Groote |2^], it is much less 
trivial to associate a transition relation to a TSS with negative premises; in particular there are 
TSSs that appear not to specify a transition relation in a meaningful way at all. In van Glabbeek 



1 21 1 eleven answers to the questions Which TSSs are meaningful, and which transition relations 



do they specify?" are reviewed. The "most general solution without undesirable properties" is due 
to VAN Gelder, Ross & Schlipf [18| in the setting of logic programming, and has been adapted 



to TSSs by BOL & Groote ||T^. In [21| it has been reformulated in terms of completeness with 



respect to a notion of provability of closed literals that incorporates a form of negation as failure. 

Definition 11 Let P = (S, R) be a standard TSS. A well-supported proof of a closed literal a from 
P is a well-founded, upwardly branching tree of which the nodes are labelled by closed S-literals, 
such that: 

• the root is labelled by a, and 
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if P is the label of a node q and K is the set of labels of the nodes directly above q, then 
1. either is a closed substitution instance of a transition rule in R 



2. or /3 is negative and for every set of negative closed literals such that P \- — for 7 a 



N 

closed literal denying /3, a literal in if denies one in A^. 
a is ws-provable from P, notation P h^^.^ a, if a well-supported proof of a from P exists. 



Note that the proof-steps 1 and 2 establish the validity of (3 when K is the set of literals established 
earlier. Step 2 allows to infer t -/^ whenever it is manifestly impossible to infer t — ^ t' for 
some term t' (because every conceivable proof of t — ^ t' involves a premise that has already been 
refuted). This practice is sometimes referred to as negation as failure p 



Definition 12 A standard TSS P is complete if for any closed literal t either P t — ^ t' 
for some closed term t' or P t 



Now a standard TSS is meaningful, in the sense that it specifies a transition relation, iff it is 
complete. The specified transition relation is then the set of all lus-provable transitions. 

In the present paper this solution is extended by considering all standard TSSs to be meaningful. 
However, following van Gelder, Ross & Schlipf Q, the meaning of an incomplete TSS is now 
not given by a two-valued transition relation as defined above, but by a three-valued transition 
relation, in which a potential transition can be true, false or unknown. In fact, a slight abstraction 
of this notion will suffice, in which a transition relation is simply defined as a set of closed, positive 
and negative, literals. 

Definition 13 Let S be a signature. A (3-valued) transition relation over S is a set of closed 
S-literals, not containing literals that deny each other. A transition relation is 2-valued if it 
satisfies {t -^) G — > 4^ -i3t' G T{Ti) : {t — ^ t') G — >. The transition relation associated to a 
standard TSS (S,P) is the set of closed S-literals that are u;s-provable from that TSS. 



In 1 21 1 is has been shown that is consistent, in the sense that no standard TSS admits well- 
supported proofs of two literals that deny each other. Thus the transition relation associated to 
a standard TSS is indeed a transition relation as defined above. Note that if a standard TSS is 
complete, its associated transition relation is 2-valued. This means that the negative literals in its 
associated transition relation are completely determined by the positive ones; hence the transition 
relation can be simply given by its positive part. 

In Section ^ several preorders have been defined on labelled transition systems, and provided 



with modal characterisations. These definitions and results apply immediately to the 2-valued 
transition relation associated to a complete TSS (S,P), for such a transition relation gives rise 
to the LTS (r(S),^). In the case of A^ G {T,CT, F, R, FT, RT,1S, RS}, the definition of the 
N-preorder induced by a TSS even extends to incomplete TSSs, namely as follows. 

Definition 14 Let P = (S,P) be a standard TSS. The satisfaction relation |=p C r(S) x (Drs is 
inductively defined by the clauses below (in which p,q £ T{T,)). 

P l=P T 

p |=p aip if 3g : P h^s P 9 A g |=p 

p |=p a if P hws P 

P \=P Aiel V^i if P \=P foi" all i G / 
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For N G {T, CT, F, R, FT, RT, IS, RS}, the set of N -observations of p E r(S) is given by 0^{p) := 
{if G ©AT I p \=p ip}. Likewise, Oj^^{p) := {ip G ©jy | P \=p V?}- The N-preorder induced by P is 
defined by p (7 if 0^{p) C 0^{q). When clear from the context, sub- or superscripts P will be 
omitted. 



Note that in case P is complete, is indeed the N-pieoidev as defined in Section 2 on the LTS 
(r(S), — >), where ^ is the 2- valued transition relation associated to P. In the general case, the 3- 
valued transition relation associated to P gives rise to a structure (r(E), — >, -/^) with — > C TPxAxW 
and 7^ C P X j4. Such a structure could be called a 3-valued LTS. Now p stands for {p, a) G 7^, 
and Theorem 1 can be interpreted as the definition of Cjy (agreeing with Definition 14| above). 
Note that for G {T, CT, F, R, FT, RT, IS, RS} porollaryH] extends to the preorders induced by 
incomplete TSSs. 

Definition 14 does not capture the modality of Definition 4; hence the bisimulation equivalence 
and n-nested simulation preorders (for n > 2) induced by a TSS are defined for complete TSSs 
only. (Extending pefinition 14 in a simple-minded way would invalidate the hierarchy of Section 2| .) 



Definition 15 Let S be a signature. A preorder C on T(E) is a precongruence if for all / G S 

Pi^qiioT i = l,...,ar{f) f{pi,---,Par{f))^f{Ql,---,qar{f))- 

This is equivalent to the requirement that for all t G 'n"(S) and closed substitutions a,a' : V ^ ^(^) 

a{x) C a'{x) for x G var{t) =^ a{t) C a'{t). 

In case C is an equivalence relation as well as a precongruence, it is called a congruence. Note that 
if EAf is a precongruence, its kernel is a congruence. Thus by establishing precongruence results 
for the preorders Cat, we also obtain congruence results for the associated equivalences =Ar. 



4 Precongruence formats 

In this section we define the formats for TSSs that play a role in this paper and state the precon- 
gruence results that we are going to establish. 

Definition 16 An ntytt rule is a transition rule in which the right-hand sides of positive premises 
are variables that are all distinct, and that do not occur in the source. An ntytt rule is an ntyxt 
rule if its source is a variable, and an ntyft rule if its source contains exactly one function symbol 
and no multiple occurrences of variables. An ntytt rule (resp. ntyft rule) is an nxytt rule (resp. 
nxyft rule) if the left-hand sides of its premises are variables. An ntytt rule (resp. ntyft rule) is an 
xyntt rule (resp. xynft rule) if the left-hand sides of its positive premises are variables. 

Definition 17 A transition rule has no lookahead if the variables occurring in the right-hand sides 
of its positive premises do not occur in the left-hand sides of its premises. A variable occurring in 
a transition rule is free if it does not occur in the source nor in the right-hand sides of the positive 
premises of this rule. We say that a transition rule is decent if it has no lookahead and does not 
contain free variables. 
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Each combination of syntactic restrictions on transition rules induces a corresponding syntactic 
format for TSSs of the same name. For instance, a TSS is in decent ntyft format if it contains 
decent ntyft rules only. We proceed to define further syntactic formats for TSSs. 

Definition 18 A TSS is in ntyft/ntyxt format if it contains only ntyft and ntyxt rules. A TSS is 
in tyft/tyxt format if it is positive and in ntyft/ntyxt format. A TSS is in ready simulation format 
if it is in ntyft/ntyxt format and its transition rules have no lookahead. 

Theorem 2 |17| If a complete standard TSS is in ntyft/ntyxt format, then the bisimulation equiv- 
alence that it induces is a congruence. 

Proof: In BOL & Groote |1C] it is established that for any complete standard TSS in ntyft/ntyxt 



format that satisfies a condition called well-foundedness, the bisimulation equivalence that it induces 
is a congruence. This extends an earlier result of Groote &: Vaandrager [24] for well-founded 



TSSs in tyft/tyxt format. In 0] it was shown that for every complete standard TSS in ntyft/ntyxt 
format there exists a complete standard TSS in xynft format that is well-founded, and that induces 
the same transition relation. From this the theorem follows immediately. □ 

Theorem 3 If a TSS is in tyft/tyxt format, then the n- nested simulation preorders that it induces 
for n > 1 are precongruences. 



Proof: Groote & Vaandrager ||2J] stated that for any well-founded TSS in tyft/tyxt format, 
the n- nested simulation equivalences that it induces are congruences. They remarked that this 
result can be established in exactly the same way as the fact that the bisimulation equivalence that 
a well-founded TSS in tyft/tyxt format induces is a congruence. 

We remark that in exactly the same way one can show that the n-nested simulation preorders 



that a well-founded TSS in tyft/tyxt format induces are precongruences. In [17| it was shown that 
for every TSS in tyft/tyxt format there exists a positive TSS in xynft format that is well-founded, 
and that induces the same transition relation. From this the theorem follows immediately. □ 

Theorem 4 If a standard TSS is in ready simulation format, then the ready simulation preorder 
that it induces is a precongruence. 

Definition 19 An occurrence of a variable in an ntytt rule is propagated if the occurrence is either 
in the target, or in the left-hand side of a positive premise whose right-hand side occurs in the 
target. An occurrence of a variable in an ntytt rule is polled if the occurrence is in the left-hand 
side of a premise that does not have a right-hand side occurring in the target. 



Consider for instance the transition rules of [Example 7| in [Section S| . In the second rule both 



occurrences of x in the premisses are propagated, i.e. the variable x is propagated twice. In the 
third rule the variables xi and X2 are polled once each. We can think of a process, represented by 
a variable in a transition rule, as being copied if the variable is propagated more than once. The 
process is tested if the variable is either propagated or polled. 

Our precongruence formats for decorated trace preorders operate by keeping track of which 
variables represent running processes, and which do not. For example, it is semantically reasonable 
to copy a process before it starts, effectively getting information about all the conjuncts in a 
(J) S 0^. However, copying a running process would give information about the branching structure 
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of the process, which is incompatible with any form of decorated trace semantics. We introduce 
a predicate A as the basis for determining the A-floating variables, which represent processes that 
may be running. 

Definition 20 Let S be a signature, and A a unary predicate on {(/, i) | 1 < i < ar{f), f G S}. 
If A{f,i), then we say that argument i of / is liquid; otherwise it is frozen. An occurrence of a 
variable x in a term t G Tr(E) is at a A-liquid position if either t = x, or t = f{ti, . . . ,tar(/)) 
the occurrence of x is A-liquid in ti for some liquid argument i of /. A variable in an ntytt rule over 
S is A-floating if either it occurs as the right-hand side of a positive premise, or it occurs exactly 
once in the source, at a A-liquid position. 

Note that an occurrence of a variable x in a term t G T(S) is A-liquid iff t does not contain a 
subterm f{ti, . . . ,tar(f)) such that the occurrence of x is in ti for a frozen argument i of /. 

Definition 21 Let A be a unary predicate on arguments of function symbols. A standard ntytt 
rule is A-ready trace safe if 

• it has no lookahead, and 

• each A-floating variable has at most one propagated occurrence, which must be at a A-liquid 
position. 

The rule is A-readiness safe if 

• it is A-ready trace safe, and 

• no A-floating variable has both propagated and polled occurrences. 
The rule is A-failure trace safe if 

• it is A-rcadiness safe, and 

• each A-floating variable has at most one polled occurrence, which must be at a A-liquid position 
in a positive premise. 

The second restriction on "A-ready trace safe" guarantees that a running process is never copied, 
and continued to be marked as running after it has executed. The "A-readiness safe" restriction 
ensures that only at the end of its execution a running process is tested multiple times. The 
"A-failure trace safe" restriction further limits to a positive test on a single action. 

Definition 22 A standard TSS is in ready trace format if it is in ntyft/ntyxt format and its rules 

arc A-ready trace safe with respect to some A. A standard TSS is in readiness form,at if it is in 
ntyft/ntyxt format and its rules are A-readiness safe with respect to some A. A standard TSS is in 
failure trace format if it is in ntyft/ntyxt format and its rules are A-failure trace safe with respect 
to some A. 

Note that if a standard TSS P is in ready trace format (resp. readiness format or failure trace 
format), then there is a smallest predicate Aq such that the rules of P are Ao-ready trace safe (resp. 
Ao-readiness safe or Ao-failure trace safe). In the context of the ready trace format, for instance, 
Aq can be defined as the smallest predicate A such that for all rules of P each A-floating variable is 
propagated at A-liquid positions only. Now P is in ready trace format iff it has no lookahead and 
in all of its rules each Ao-floating variable is propagated at most once. Therefore, in the context 
of a given standard TSS and a given format, positions can be called liquid and variables floating 
without mentioning a specific predicate A; in such a case Aq may be assumed. 
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Theorem 5 If a standard TSS is in ready trace format, then the ready trace preorder that it 
induces is a precongruence. 

Theorem 6 If a standard TSS is in readiness format, then the readiness preorder that it induces 
is a precongruence. 

Theorem 7 If a standard TSS is in failure trace format, then the failure trace and failure preorders 
that it induces are precongruences. 



Sections ^-^ are devoted to the proofs of Theorems Section £ presents a series of coun- 



terexamples showing that the syntactic restrictions formulated above are essential for the claimed 
precongruence results. These counterexamples also help in motivating the definitions above. 

For comparison with the literature we point out that a standard TSS is in GSOS format iff 
it is finite and in decent nxyft format, and each rule has finitely many premises. A standard TSS 
is in de Simone's format iff it is positive, in decent nxyft format, and its rules are A- failure trace 
safe with A the universal predicate (making all arguments of function symbols liquid). 

5 Preservation of syntactic restrictions 

Later on, in the proofs of the precongruence theorems, we will use transition rules with negative 
conclusions. For this reason, the ready trace, readiness and failure trace formats need to be extended 
to non-standard TSSs. 

Definition 23 Let A be a unary predicate on arguments of function symbols. An ntytt rule with 
a negative conclusion is A-ready trace safe or A-readiness safe if it has no lookahead. The rule is 
A-failure trace safe if 

• it is A-readiness safe, and 

• A-floating variables are polled only at A-liquid positions and only in negative premises. 



Now Definition 22 applies to non-standard TSSs as well. Note that for A-ready trace and A- 
readiness safety the requirements are the same as in the standard case, for in a rule with a negative 
conclusion no variable is propagated. In the definition of A-failure trace safety, however, rules with 
positive and negative conclusions are treated differently. 

In the remainder of this section we show that the syntactic restrictions of the precongruence 
formats for TSSs in decent ntyft format are inherited by the ntytt rules irredundantly provable 
from such TSSs. The restriction to TSSs in decent ntyft format is justified because Propositions 



and 1^ in Section 6.1 will imply that in the proofs of Theorems we may, without limitation of 



generality, restrict attention to TSSs in decent ntyft format. The results of this section will be of 
use in the forthcoming proofs of the precongruence theorems. 

For H a set of literals let Ivar(H) denote the set of variables occurring in left-hand sides of 
literals in H, and rhs{H) the set of right-hand sides of positive literals in H. Note that an ntytt 
rule — ^ [resp. ^ ] is decent iff lvar{H) C var{t) [and var{t') C var{t) U rhs{H)]. 

t >t' 



Lemma 1 Let P = {T,,R) be a TSS in decent ntytt format. Then any ntytt rule irredundantly 
provable from P is decent. 
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Proof: We prove a slightly stronger statement, namely that any transition rule — ^ [resp. ^ ] 
irredundantly provable from P satisfies lvar{H) C var{t) [and var{t') C var{t)Urhs(H)]. We apply 
structural induction with respect to the irredundant proof vr of such a rule from P. Let P 
the case of a rule with a negative conclusion goes similarly. 

Induction basis: Suppose vr has only one node. Then H = {t — ^ t'}, which implies that t' is a 

variable. Clearly has the required properties. 

Induction step: Let r S i? be the decent ntytt rule and p be the substitution used at the bottom 
of vr, where r is of the form ^^fc >i/fc|A:e_K'Ju{w^^|£gL} ^ 'pj-^gj^ ^j^^^ — ^ g^j^^j /o(^i') = i'- Moreover, 

u >m' 

transition rules ^7 for k £ K and — ^^^^^ — for £ £ L are irredundantly provable from P by 

means of strict subproofs of vr, where H = Ufceft: -^^fcUlJ^g^^ H^. By induction lvar{Hk) C var{p{vk)) 
for k G K. As r is decent we have var{vk) ^ var{u), so lvar{Hk) C var{p{vk)) C var{p{u)) = var{t) 
for k € K. Similarly, lvar{H() C var(t) for I £ L, thus Ivar(H) C var{t). 
As r is decent we have var{u') C var{u) U {yfe | G -fC}, so 

var{t') = var{p{u)) C var{t) U [J var{p{yk)). 

k&K 

By induction we have var{p{yk)) C var{p{vk)) U rhs{Hk) C var{t) U rhs{Hk) for k £ K. It follows 
that TOr(t') C mr(t) U rhs{H). □ 

Lemma 2 Let P = (S, ii) be a TSS in decent ntyft format of which the transition rules are A-ready 
trace safe. Then any ntytt rule — ^— irredundantly provable from P is A-ready trace safe. 

t — >u 

Proof: We apply structural induction with respect to the irredundant proof vr of ^ from P. 

t >M ^ 

Induction basis: Suppose tt has only one node. Then it must be the case that H = {t^ u}, 
which implies that u is a variable. The A-floating variables in are u and the variables that 

t >u 

occur in A-liquid positions in t. Both kinds are propagated only once, in the target and in the 
left-hand side of the positive premise, respectively. These propagations are at A-liquid positions. 
Induction step: Let r £ R he the decent ntyft rule and p be the substitution used at the 

bottom of vr, where r is of the form '^^fcl^^-^l^i"''?^!^^-^} ^ Xhen fipixi), . . . , p(xar(f))) = t and 

p{v) = u. Moreover, transition rules = ^^ for k £ K and = — — for £ £ L are 

p{vk)—^p(yk) p(wt)-^ 
irredundantly provable from P by means of strict subproofs of vr, where H = UfceA' -f^fc U U^eL 

As r is decent we have var{vk) ^ {xi, . . . ,a;ar(/)}7 so var{p{vk)) ^ {j^^P var{p{xi)) = var{t) for 
k£K. Since ^ is an ntytt rule, rhs{H) D var{t) = 0. Hence rhs{Hk)ri var{p{vk)) = for k£K. 

t *u 

It follows that the rules for k £ K are ntytt rules. The same holds for the rules for I £ L. By 



Lemma 1, the rules and are decent. 



Let Kq denote {k £ K \ y^ £ var{v)}. We make the following observation. 

(A) If the right-hand side y of a positive premise in H occurs in n, then there is a k £ Kq such 
that the premise is in Hi^. and y £ var[p{yk)). 

Namely, y does not occur in p{xi) for i = 1, . . . , ar{f). Since y £ var{p{v)) and, by the decency of r, 
var{v) C {xi, . . . U {yk \ k £ Kq}, y must occur in p[yk) for some k £ Kg. Furthermore, 
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var{v^.) C {xi, . . . implies y var{p{vk)). So by the decency of , the positive 

premise in H with right-hand side y is in H^. ^^^''^ ^^fe) 

Let the variable z be A-fioating in a ■ We need to prove that z is propagated at most once 

t *U TT 

in this rule, and at a A- liquid position. Since z is A-floating in — ^ — , we can distinguish two cases. 

t — yu 

1. Let z occur at a A-liquid position in for a liquid argument i of /. 

By assumption z occurs only once in t, so z occurs only once in p{xi), and z var{p{xj)) for 
j ^ i. We make a second observation. 

(B) If Xi var{vk) for some k ^ K, then z var[Hk) and z var[p[yk)). 
Namely, as ^ is a ntytt rule, var{t) H rhs{Hk) ^ var{t) H rhs{H) = 0, hence z rhs{Hk). 

t >'U 

Furthermore, var{vk) C {^i, . . . , x^y-jj)}, Xj var{vk) and z does not occur in p{xj) for j / i, 

so z ^ var{p{vk))- Hence, by the decency of ^^ , z occurs neither in nor in p{yk)- 

Once more we distinguish two cases. 

1.1 Let Xi var{vk) for all k G Kq. 

By (B), z ^ var{p{yk)) for k G Kq. Furthermore, z does not occur in p{xj) for j ^ i, and 
z occurs only once in p{xi), at a A-liquid position. Finally, since r is A-ready trace safe, 
and z is a liquid argument of /, Xi occurs at most once in v, and at a A-liquid position. As 
var{v) C {xi, . . . U {y^ \ k G Kq}, it follows that z occurs at most once in p{v) = u, 

and at a A-liquid position. 

By (B), z ^ var{Hi^) for k G Kq. Moreover, by (A), right-hand sides of positive premises 
in Hk for k G K\Kq and for £ G L do not occur in u. Hence, there are no propagated 

H 



occurrences of z in left-hand sides of positive premises in 

t — *u 

1.2 Let Xi G var{vk') for some k' ^ Kq. 

r is A-ready trace safe, and i is a liquid argument of /, so xi ^ var{v) and Xj ^ var{vk) 
for k G KQ\{k'}. Moreover, Xi occurs only once in vj^i, at a A-liquid position. Since z 
occurs only once in p{xi), at a A-liquid position, and z does not occur in p{xj) for j ^ i, 
it follows that z occurs only once in p{vk'), at a A-liquid position. Thus, by induction z is 
propagated at most once in ^ , and at a A-liquid position. In particular, z occurs 

at most once in p{yk'), and at a A-liquid position. Moreover, as r is A-ready trace safe, y^' 

occurs at most once in v, and at a A-liquid position. By (B), Xi ^ var{vk) implies that 
z var{p{yk)) for k G KQ\{k'}. Furthermore, Xi var{y) and z var{p{xj)) for j / i. As 
var{v) C {xi, . . . , Xar{f)} U {j/fc I fc G Kq}, it follows that ^; occurs at most once in p{v) = u, 
and at a A-liquid position. 

If there are no propagated occurrences of z in left-hand sides of positive premises of — p— , 

c . * — 

then we arc done. So suppose there is a positive premise s — > y in H where z occurs in s 
and y G var{u). We proceed to prove that the occurrence of z in s is A-liquid and that this 

H 



is the only propagated occurrence of z in 

t — >« 

By (B), Xi var{vk) implies z var{Hk) for k G KQ\{k'}. On the other hand, since 
y G var{u), (A) yields that s — ^ y & and y G var{p{yk)) for some k G Kq. Hence, 
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s — > y G Hf^/ and y G var{p{yk')). By induction, z is propagated at most once in ^ 



and at a A-liquid position. So the occurrence of z in s is A-liquid. Moreover, it is the 
only propagated occurrence of z in the left-hand sides of the positive premises in Hk', and 
z var{p{yy)). 

Xi^ var{v), 2: occurs neither in p{xj) for jT^inor in p{yk) for /c G i^oVI^'}) and z^var{p{yy)). 
As var{v) C {xi, . . . , U {yt \ k G -K^o}) it follows that z does not occur in p{v) = u. 

According to (A), right-hand sides of positive premises in Hk for k G K\Kq and in 
for £ £ L do not occur in u. Furthermore, by (B), Xi var[vk) implies z var(Hk) for 

k G i^o\{^'}- Finally, for positive premises s' — ^ y' in H^' with z G var{s') and y' ^ y we 
have y' ^ var{p{yki)), and so by (A) y' var{u). Hence, the occurrence of z in the left-hand 

side of s — ^ y is the only propagated occurrence of z in — . 

t — 

2. Let z be the right-hand side of a positive premise in H . 

Since ^ is decent, z does not occur in left-hand sides of premises in H. It remains to prove 
t — 

that z occurs at most once in n, and at a A-liquid position. 

Since ^ is an ntytt rule, z does not occur in p{xi) for i = 1, . . . , ar{f). As r is decent, 

t >M 

var{vk) ^ {xi, . . . ,Xar{/)} for k £ K. Hence z does not occur in p{vk) for k £ K. 

According to (A), right-hand sides of positive premises in for k G K\Kq and in for 
^ G L do not occur in u. So we may assume that z is the right-hand side of a positive premise 
in Hki for some k' G -fiTo- Then clearly z does not occur in for A; G K^Wk'}. So by the 

decency of ^^ , z var{p{yk)) for A; G EToVi^'}- By induction, z occurs at most once 

p{vk) — ^p(yk) 

in p{yk'), and at a A-liquid position. Since r is A-ready trace safe, yk' occurs at most once in 
V, and at a A-liquid position. As var{v) C {xi, . . . U {y^ \ k G -K^o}) it follows that z 

occurs at most once in p{v) = u, and at a A-liquid position. 

We conclude that z is propagated at most once in ^ , and at a A-liquid position. □ 

t ^U 

Lemma 3 Let P = (S, R) be a TSS in decent ntyft format of which the transition rules are 
A-readiness safe. Then any ntytt rule a irredundantly provable from P is A-readiness safe. 

t >u 

Proof: Let the variable z be A- floating in We need to prove that z is not both propagated 

t >u 

and polled in this rule. In case z is the right-hand side of a positive premise, it is not polled, since 
the rule is decent, by Lemma 1. So assume z occurs exactly once in t, at a A-liquid position. We 
apply structural induction with respect to the irredundant proof vr of ^ from P. 

t ^U Q 

Induction basis: Suppose vr has only one node. Then it must be the case that H = {t — ^ n}, 
which implies that u is a variable. There are no polled variables in „ 

t ^U 

Induction step: Let r G be the decent ntyft rule and p be the substitution used at the 
bottom of vr, where r is of the form i^fc fyk\keK}u{wi-f^\e£L} ^ ^^len f{p{xi), . . . , p{xar(f))) = t and 
p{v) = u. Moreover, transition rules ^^ ioi k £ K and — — for £ G L are irredundantly 

provable from P by means of strict subproofs of vr, where H = Ufcex U U^eL As in the proof 
of Lemma 2 it can be shown that these rules are ntytt, and by [Lemma 1 they are decent. 
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By assumption, z occurs exactly once in p{xi) for some liquid argument i of /, at a A-liquid 
position, and z ^ var{p{xj)) for j / i. Let Kq denote {k £ K \ yi;. £ var{v)}. We recall two 
observations from the proof of [Lemma ^ . 

(A) If the right-hand side y of a positive premise in H occurs in u, then there is a fc £ Kq such 
that the premise is in Hk and y G var{p(yk)). 

(B) If Xi var{vk) for some k £ K, then z var{Hk) and z var[p[yk)). Likewise, if Xi 
var{w() for some i £ L, then z var{H(). 

Suppose z is polled in ^ , so that we can distinguish the following two cases. We need to prove 

t >u „ 

that z is not propagated in — ^ — . 

f — 

1. Let z be polled in the left-hand side of a premise in H^i for some k' £ K\Kq or in Hi/ for 
some i' £ L. 

By (B), z S var{Hk>) or z £ var{He') implies Xj £ var{vk') or Xj G var{wii), respectively, so Xi 
is polled in r. Since r is A-readiness safe, and z is a liquid argument of /, it follows that Xi is 
not propagated in r. Hence, Xi occurs neither in v nor in Vk for k £ Kq. By (B), Xi var{vk) 
implies z var[Hk) for k £ Kq. So, in view of (A), occurrences of z in left-hand sides of 
positive premises in H are not propagated in ^ . It remains to prove that z var{u). 

t >M 

By (B), Xi var{vk) implies that z var{p{yk)) for k £ Kq. Moreover, Xi var{y) and z 
does not occur in p{xj) for j / i. As var{y) C {xi, . . . , Xar(/)} U {y^ | ^ £ -K^o}> it follows that 
z does not occur in p{v) = u. 

2. Let z be polled in the left-hand side of a premise in H^' for some A;' £ Kq. 

Then z occurs in the left-hand side of a premise in H^' of the form s or s — ^ y with 
y var{u). In the latter case, y^/ € var{v) implies that y var{p{yk')). So in both cases, z 

is polled in ^ . 

pK')-^p(j/fc') 

By (B), z £ var{Hk') implies Xi £ var{vk'). Since r is A-readiness safe, and i is a liquid 
argument of /, Xi occurs neither in v nor in Vk for k £ KQ\{k'}. Moreover, Xi occurs only 
once in v^/, at a A-liquid position. Since z occurs exactly once in p{xi), at a A-liquid position, 
and not at all in p{xj) for j ^ i, it follows that z occurs exactly once in p{vk'), at a A-liquid 

position. Since z is polled in , by induction it is not propagated in this rule. So 

pK')-^p(yfc') 

if (s — > y) £ Hk' and z £ var{s) then y does not occur in p{yk'), and hence, by (A), not in 
u. Thus, occurrences of z in left-hand sides of positive premises in Hk' are not propagated 

in ^ . Furthermore, by (B), Xi var{vk) implies Xj var{Hk) for k £ KQ\{k'}. So, in 

t — >« 

view of (A), occurrences of z in left-hand sides of positive premises in H are not propagated 
in ^ . It remains to prove that z var{u). 

t *u 

By (B), Xi var{vk) implies that z var[p[yk)) for k £ i^o\{^'}- Moreover, since z is not 

propagated in , z var{p{yk')). Finally, Xi var{v) and z does not occur in 

pK')-^p(s/fc') 

p{xj) for J / i. As var{v) C {.xi, . . . , x^^^j)} U {yfc | k £ Kq}, it follows that z does not occur 
in p{v) = u. 

We conclude that z is not propagated in ^ . □ 

t >u 
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Lemma 4 Let P = (S, R) be a TSS in decent ntyft format of which the transition rules are 

A-failure trace safe. Then any ntytt rule ^ irredundantly provable from P is A-failure trace 

t — 

safe. 

Proof: Let the variable z be A- floating in ^ . We need to prove that z is polled at most once in 

t ^U 

this rule, at a A-liquid position in a positive premise. In case z is the right-hand side of a positive 



premise, it is not polled, since the rule is decent, by [Lemma 1 . So assume z occurs exactly once in 



t, at a A-liquid position. We apply structural induction with respect to the irredundant proof vr of 
from P. 

t >U ^ 

Induction basis: Suppose tt has only one node. Then it must be the case that H = {t^ u}, 

a 

where n is a variable. There are no polled variables in . 



Induction step: Let r E be the decent ntyft rule and p be the substitution used at the 
bottom of TT, where r is of the form 'yk\keK}u{we-7^\e<^L} ^ ^^len f(p{xi), . . . , p{Xar(f))) = t and 

/{a;i,...,x„r(/)) ^ ' 

p{v) = u. Moreover, transition rules ^^ for k £ K and — — for £ £ L are irredundantly 

provable from P by means of strict subproofs of vr, where H = IJfcex U U^eL ^i. As in the proof 



of [Lemma 2| it can be shown that these rules are ntytt, and by [Lemma 1| they are decent. 

By assumption, z occurs exactly once in p{xi) for some liquid argument i of /, at a A-liquid 
position, and z var{p{xj)) for j ^ i. We need to prove that z is polled at most once in ^ , at 

t >tt rn 

a A-liquid position in a positive premise. We recall an observation from the proofs of Lemmas y 
and ^ 

(B) If Xi var{vk) for some k £ K, then z var[H].). Likewise, if Xi var{w() for some i £ L, 
then z ^ var{H(). 

r is A-failure trace safe, and i is a liquid argument of /. So Xi is polled and propagated at most 
once in r in total, at a A-liquid position and not in a negative premise. In particular, Xi var{we) 
for I £ L, so in view of (B), z var{H() for i £ L. Suppose z £ var{Hy) for some k' £ K. By (B), 
Xi £ var{vk')- Then Xi var{vk) for k £ K\{k'}^ so in view of (B), z var{Hk) for k £ K\{k'}. 
Furthermore, Xi occurs only once in vy, at a A-liquid position. Since z does not occur in p{xj) 
for j ^ i and exactly once in p{xi), at a A-liquid position, it follows that z occurs exactly once in 
p{vk'), at a A-liquid position. By induction together with Lemmas ^ and |^, z occurs at most once 
in Hk', at a A-liquid position in a positive premise. We conclude that z occurs at most once in H, 
at a A-liquid position in a positive premise. □ 

Lemma 5 Let P = (S, R) be a TSS in decent ntyft format of which the transition rules are 
A-failure trace safe. Then any ntytt rule irredundantly provable from P is A-failure trace safe. 

Proof: With structural induction w.r.t. the irredundant proof vr of from P we establish: 

t / > 

Let be an ntytt rule that is irredundantly provable from P. If all occurrences of the variable 

z in t are at A-liquid positions, then z is polled only at A-liquid positions and only in negative 
premises of this rule. 



Together with Lemma 1 this immediately yields the desired result. 



Induction basis: Suppose vr has only one node. Then it must be the case that H = {t -7^}. 
There are no positive premises in Moreover, z is polled only at A-liquid positions. 
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Induction step: Let r G Rhe the decent ntyft rule and p be the substitution used at the bottom 
of vr, where r is of the form ^"fc *yk\k£K}u{wi-y^\ieL} ^ j^^ien f{p{xi), . . . ,p[xar(f))) = t. Moreover, 
transition rules ^^ for k £ K and — — for £ £ L are irredundantly provable from P by 



means of strict subproofs of vr, where H = {J^^x U UfeL proof of p^emma 2 it can 

be shown that these rules are ntytt, and by Lemma l] they are decent. 



r is A-failure trace safe, so variables Xi for liquid arguments z of / do not occur in the Vk for 
k £ K, and only at A-hquid positions in the wg for £ £ L. By assumption z only occurs in p{xi) 
for liquid arguments i of /, at A-liquid positions, so z does not occur in the p{vk) for k £ K, and 

only at A-liquid positions in the p{wi) for £ £ L. The decency of ^ implies that z does 

p(ffe) — >piyk) 

not occur in the left-hand sides of the premises of Hj^ for k £ K. Moreover, by induction z does 
not occur in the positive premises and only at A-liquid positions in the negative premises in Hi for 
i £ L. Hence, z is polled only at A-liquid positions and only in negative premises in □ 

6 Reducing well-supported proofs to standard proofs 

Theorems Q-^ deal with preorders induced by standard TSSs through the notion of well-founded 
provability. In this section it is shown that without loss of generality we may use the classical 



notion of provability (of Definition IC) instead. To this end we show that for any given standard 
TSS P = in ready simulation format (i.e. in ntyft/ntyxt format without lookahead), there 

exists a TSS P^ = {T,,R~^) in decent ntyft format such that P h^js ct 4^ P^ h a. Moreover, 
the relevant formats are preserved under the translation of R into R'^ . However, in general P^ 
will not be a standard TSS. It is for this reason that rules with a negative conclusion have been 



introduced in Definition 9, and that the precongruence formats were extended to non-standard 



TSSs in Definition 23. 



The conversion from R to i?+ will be performed in three steps. In pection 6.1| we show that for 
any standard TSS P = (S, R) in ready simulation format there exists a standard TSS P' = (S, R!) 
in decent xynft format with the same class of los-provable literals. Moreover, if P is in ready trace, 



readiness, resp. failure trace format, then so is P' . In Section 6.2 we show that for standard TSSs 
in decent xynft format the notion of well-supported provability coincides with a simpler notion of 
supported provability. Finally, in Section we show that for any standard TSS P' = (S, R!) in 



decent xynft format there exists a TSS P~^ = (S,/?"*") in decent ntyft format such that supported 
provability from P' coincides with classical provability from P^ . Also this translation preserves 
the ready trace, readiness and failure trace formats. Together, this yields the desired result. 

6.1 Reducing ntyft/ntyxt rules without lookahead to decent xynft rules 

We show that for every standard TSS P in ready simulation format there exists a standard TSS 
P' in decent xynft format, such that 

(i) P ^yjs Oi ^ P' \-ws a for any closed literal a, 

(ii) if P is in ready trace format, then so is P' , 

(iii) if P is in readiness format, then so is P' , 

(iv) and if P is in failure trace format, then so is P' . 
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The following proposition helps in establishing the first requirement above. 

Proposition 1 Q Let P = and P' = be standard TSSs with the property that 

P h — r-7 <^ P' ^ ^ ^ for any closed transition rule — r-7 with only negative premises. Then 
P \-ws a <^ P' \-yjs a for any closed literal a. □ 

Proof: By symmetry it suffices to establish This goes with structural induction on proofs. 

Let TT be a well-supported proof of a from P. In case a is negative, it must be the case that for 
every set of negative closed literals such that P h ^ for 7 a closed literal denying a, a strict 
subproof of TT proves a literal 5 that denies one in A^. Hence for every set of negative closed 
literals such that P' \- — for 7 a closed literal denying a, a strict subproof of vr proves a literal 6 
that denies one in A^. By induction P^ ^ws ^ for all those literals 6. It follows that P^ ^ws ^* 

In case a is positive, just take the bottom portion of vr obtained by deleting all nodes above 
nodes that are labelled with a negative literal. That portion is a proof of a closed transition rule ^ 
from P in which A^ is a set of closed negative literals. By assumption, P' \- ^. Moreover, P l-y^g 7 
for all 7 G A^, by strict subproofs of vr. Thus by induction P' hy^g 7 for all 7 G A^. By pasting the 
proofs of 7 from P' for 7 G A^ on top of the proof of ^ from P' , a well-supported proof of a from 
P' is obtained. □ 

As a first step in the reduction process we show that we can refrain from ntyxt rules. 

Proposition 2 For each standard TSS P = (S, R) in ready simulation format there exists a 
standard TSS P' = (12, R') in ntyft format without lookahead such that the requirements (i)-(iv) 
above are met. 

Proof: Replace each ntyxt rule r in i? by a collection of ntyft rules {rj \ f G S}, where each 
rj is obtained by substituting f{xi,...,Xn) for the variable x that constitutes the source of r, 
with xi, . . . ,Xn variables that do not yet occur in r. Let R' denote the collection of ntyft rules 
that is thus obtained. Note that if a closed transition rule is provable from a TSS, it has a closed 
proof. Moreover, each closed proof from P of a closed transition rule is a proof from P' of the 



same transition rule, and vice versa. Hence, by Proposition 1, P a <^ P' \-ws for any closed 



literal a. As the rules in R have no lookahead, neither have the rules in R' . In order to check 
requirements (ii)-(iv) note that the variable Xi is propagated (resp. polled) in exactly when and 
where x is propagated (resp. polled) in r. Moreover, if Xi is A-floating in rj, an occurrence of Xi in 
is A- liquid iff the corresponding occurrence of x in r is. □ 

Next we show that we can restrict attention to decent ntyft rules, i.e. we can assume that none of 
the rules has free variables. 

Proposition 3 For each standard TSS P = (S,i?) in ntyft format without lookahead there exists 
a standard TSS P' = (S, R!) in decent ntyft format such that the requirements (i)-(iv) above are 
met. 

Proof: Replace every rule with free variables by a set of new rules. The new rules are obtained by 
applying every possible substitution of closed terms for the free variables in the old rule. Now every 
closed proof from P of a closed transition rule is a proof from P' of the same transition rule, and 



vice versa. Hence, by Proposition 1, P a 4^ P' ol for any closed literal a. By construction, 
the rules in R! have no free variables. As the rules in R have no lookahead, neither have the rules 
in i?'; hence P' is in decent ntyft format. The requirements (ii)-(iv) hold trivially. □ 
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Finally we have to show that decent ntyft rules can be reduced to decent xynft rules. 

Lemma 6 If ^ 7^ 0, then the set of all literals over a signature S is equally large as the set V of 
variables. 



Proof: Recall from Bection 3| that |S| < \V\ and \A\ < \V\. Let the size of a term be the largest 



number of nested function symbols in it. In case S = we have ^(S) = V, so |T(S)| = Now 
suppose S 7^ 0. With induction to n G IN it follows that there are \ V\ terms of size n: 

Induction basis: Terms of size are variables. The cardinality of the set of those terms is \V\. 

Induction step: Suppose the set of all terms of size n has cardinality \V\. Then the number of 
terms of size n + 1 with leading function symbol / is = \V\, using that \V\ is infinite. Thus 

the number of terms of size n + 1 is |S| x \V\ = \V\, using that |S| < \V\. 

Hence, even if S 7^ we have |T(S)| = = \V\. So the set of literals over S has 

cardinality \V\ x |^| x \V\ + \V\ x \A\ = \V\, using that 7^ |^| < \V\. □ 



Next we need a lemma that is very similar to the forthcoming Proposition 8 in Section 7 . There, 
some intuitive explanation can be found as well. 

Lemma 7 Let P = (S, R) be a standard TSS in decent ntyft format. If P h — ^ — with a set 

a(t) >t' 

of negative literals, then there are a decent xyntt rule ^ and a substitution a' with P ^ , 
Ph ^jffj^, a' {t) = a (t) and a' (u) =t'. 

Proof: First, suppose t is a variable. By default, the decent xyntt rule -^r^ is irredundantly 

t 

provable from P. Let a' be a substitution with cr'(t) = a(t) and cr'(y) = t' . Clearly, P h ^ — . 

a'{t ^y) 

Next, suppose t = f{ti, . . . , tar(/))- We apply structural induction to a proof n of the transition 
rule — ^ — from P. Let r € i? be the decent ntyft rule and p be the substitution used at the bottom 

of vr, where r is of the form ^"'^ *yk\keK}u{wi-f^\ieL} ^ 'pj^gj^ p{xi) = CF{ti) for i = 1, . . . , ar{f), 

p{v) = t', {p{we) G N for i G L, and ^ foi k G K are provable from P by 

p(ffc) — >p{yk) 

means of strict subproofs of tt. Since r is decent, var{vk) for k £ K and var{w() for £ €z L 
are included in . . . , Let po be a substitution with po{x,i) = ti for i = l,...,ar(/). 
As p{xi) = a{ti) = a{pQ{xi)) for i = l,...,ar(/), we have p{vk) = cr{po{t^k)) iov k £ K and 
p{w£) = a{pQ{wi)) for i £ L. So for k £ K are provable from P by means of strict 

subproofs of vr. According to the induction hypothesis, for k £ K there are a decent xyntt rule 
— and a substitution ct^ with P hi„ — , P h -rjTT-T, cf'kiPoivk)) = cr{po{vk)) and 

Po(ffe) 'Uk P0V"k) ►ffe ' 



a'^{uf^) = p{yk)- By Lemma ^ , we can choose the sets of variables in the right-hand sides of the 



positive premises in the H}^ (for k G K) pairwise disjoint, and disjoint from var{t). This allows us 
to define a substitution a' with: 

• (y'{z) = ct{z) for z G var{t); 

• a' (z) = a'j^{z) for right-hand sides z of positive premises in Hf^ for k £ K. 
Let 

H = D Hk U {poiwe) ^\eeL} . 
keK 
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Moreover, let pi be a substitution with pi{xi) = tj for i = 1, . . . , ar{f) and pi{yk) = for k £ K. 
We verify that the rule — ^ — together with the substitution a' satisfy the desired properties. 

t *pi{v) 

As var{vk) ^ {xi, . . . ,Xar{f)]-, it follows that var[pQ{vk)) ^ var{t). Since a' and a agree on 

var{t), cr'(/3o(ffe)) = o"(po(^^fe)) = f''A;(Po(^fc)) for k £ K. Thus, by the decency of — , a' and 

a'f^ agree on all variables occurring in this rule for k £ K. Poi-vk) 

1. pi and po agree on varivk) ^ {xi, . . . ■,Xar{f)}-, so pi{vk) = Po{vk) for k £ K. Likewise, pi{we) 
= po{wi) for £ G L. Since P r, we have P hi„ pi(r) = Vo(^fe)^^.|fcg5}u{poK)^|teL} _ 

t >pi{v) 

Furthermore, P 1-^ ^^rj — for A; G As H = UfceA- -^fe {Po(''w<?) 4^1 ^ e -^^}, it follows 

that P hi„ ^r-^i . 

t ►pi(i;) 

2. The right-hand sides of the positive premises in any are distinct variables. By construction, 
these sets of variables (one for every k £ K) are pairwise disjoint, and disjoint from var{t). 
Hence — ^ — is an ntytt rule. Since the positive premises in H originate from Hj^ (for 

t ^pi{v) 

k £ K), their left-hand sides are variables. This makes the rule an xyntt rule. The rule is 



decent by Lemma 1 



3. fj' agrees with cr^, on variables in for k £ K, and with a on variables in po{we) for i £ L. 
Since P h / fL for k£K, and {a{po{wf)) -^) G for ^gL (using that a{po{we)) = p{wi)), 



we conclude that P h — 



N 



a'(H)- 

4. Since a' and a agree on var{t), cr'{t) = cr{t). 

5. a'{pi{xi)) = (T'{ti) = a{ti) = p{xi) for i = 1, . . . , ar{f). Moreover, since a' and cj[, agree on 
var{uk), (y'{pi{yk)) = cr'{uk) = o-^(ufc) = p{yk) for k £ K. As var{v) C {xi, . . ■ ,Xar(f)}^ {Vk I 
k £ K}, it follows that a'{pi{v)) = p{v) = t' . □ 

Lemma 8 If all the rules in a TSS Q are provable from a TSS P, then all the rules that are 
provable from Q are also provable from P. 

Proof: Straightforward and left to the reader. □ 

Proposition 4 For each standard TSS P = (5],P) in decent ntyft format there exists a standard 
TSS P' = (S,P') in decent xynft format such that the requirements (i)-(iv) above are met. 

Proof: Let R' consist of all decent xynft rules irredundantly provable from P. In order to establish 

(i) we show that P' h ^ ^ P 'r a for all literals t — ^ t' with t closed and all sets of negative 
^ ' t-^t' t^t' ^ 

literals N. By iLemma 8| we have P' h ^ P K ^ . For the other direction we use 
' t — >t' t—^t' 

structural induction on t. So assume P h — s — . By Lemma 7 there are a decent xynft 

/{*! v,*ar(/)) 

rule r = — s — and a substitution a' with P hin- r, P K for a £ H, a'ixi) = ti for 

1 = 1,... ,ar{f) and cr'(n) = t' . Thus r £ R' . For the negative literals a in H the proof of 

is trivial. As — a — is a decent xynft rule, the positive literals a' (a) with a £ H have 
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the form tj — ^ v. Hence by induction P' H ff . for a £ H. Moreover, a'(r) = zlMl — — 

is a substitution instance of a rule in R' , so P' h — a — • This concludes the proof of 

/(ti,...,t„r(/)) — 

requirement (i) . Requirements (ii) , (iii) and (iv) are immediate corollaries of Lemmas |2|, ^ and 
respectively. □ 

The results of this subsection are combined as follows: 

Corollary 2 Let P be a standard TSS in ready simulation format. Then there exists a standard 
TSS P' in decent xynft format such that P' h^s a 4^ P a for all closed literals a. Moreover if 
P is in ready trace format (resp. readiness format or failure trace format) then so is P' . 

This also implies that C^' equals for each notion of observability A^. 
6.2 Reducing well-supported proofs to supported proofs 

Define the size of a node in a well-supported proof (or in any well-founded, upwardly branching 
tree) to be the supremum of the sizes of the nodes above it, plus one. Write P a if there is a 
well-supported proof of the closed literal a from the TSS P of which the root has size no more than 
the ordinal k. By straightforward induction, this is equivalent to the following recursive definition. 

Definition 24 Let P = (S, R) be a standard TSS. P a for a a closed literal iff 

1. either there is a closed substitution instance of a rule in R with P hj^g /? for all f3 G H, 

2. or a is negative and for every set N of negative closed literals such that P h ^ for 7 a closed 
literal denying a, one has P 6 for a closed literal 6 denying a literal in N. 

P l-?„„ a never holds, and in case k is a limit ordinal, P h!',^ a iff P \-^,^ a for some A < k. 



Clearly, P \-^s a iff P '^^s fo^' some ordinal k. Moreover, if A < k then P h^^ a =^ P a. 
Now we introduce the following concept of supported provability^ that will be shown to coincide 
with well-supported provability for standard TSSs in decent xynft format. 

Definition 25 Let P = (S, R) be a standard TSS. P H^^^ a for a a closed literal iff 

1. either there is a closed substitution instance of a rule in R with P \-g l3 for all (3 G H, 

H_ 

7 

a, one has P 6 for a closed literal 6 denying a literal in H. 

P a never holds, and in case k is a limit ordinal, P a iff P a for some A < k. 
a is said to be s-provable from P, notation P a, iff P a for some ordinal k. 

Due to the absence in this paper of literals of the form t -7^ t', the notion of supported provability 



2. or a is negative and for every closed substitution instance — of a rule in R with 7 denying 



defined above is in general less powerful than the notion of supported provability from |21| (cf. 
Counterexample R in that paper). However, on TSSs in decent xynft format both notions coincide, 
as will follow from Proposition 5| . 



Lemma 9 Let ^ ^ be a closed substitution instance of an ntytt rule r without lookahead, and 
let H' be a set of closed literals that differs from H only in the right-hand sides of its positive 
members. Then there exists a closed term t" such that also — is a substitution instance of r. 
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Proof: Straightforward. □ 

Lemma 10 Let P = {T,,R) be a standard TSS in ntytt format without lookahead and a be a 
negative hteral. Let k be an ordinal. Then the following are equivalent. 

(i) For every set of negative closed literals such that P \- ^ for 7 a closed literal denying a, 
one has P 6 for a closed literal 6 denying a literal in (i.e. case 2 of pefinition"2l ). 



For every closed substitution instance of a rule in R with 7 denying a, H contains either 
a positive literal P denying a closed literal 5 with P 6, or a negative literal /3 denying a 
closed literal 5 with P h'^g 5. 



Proof: Suppose (ii) holds. Let be a set of negative closed literals such that P h — for 7 a closed 
literal denying a. Let be the closed substitution instance of the rule in R used at the bottom 
of the proof of ^. Then H must contain either a positive literal /? denying a closed literal 5 with 
P 6, or a negative literal /3 denying a closed literal 5 with P 6. In the latter case, using 
that P is standard, it must be that (3 ^ N and we are done. In the former case, we have P h ^, 
so by Definition 24| (taking 5 and /5 for a and 7, respectively), one has P h^^, 5' for a closed literal 



5' denying a literal in A^, which had to be proved. 

Suppose (ii) does not hold. Let be a closed substitution instance of a rule in R with 7 denying 
a, such that H does not contain the specified literal /3, i.e. P u for every positive premise 
u — > u' in and P 1/2,^ u — > u' for every negative premise u —f^ in H and every closed term 
v! . It suffices to find a set of negative closed literals A^ with P h for 7' a closed literal denying 
a, such that P 1/2,^ (5 for all closed literals b denying a literal in A^. 

By Definition 24, for every positive premise P = u — ^ u' in there must be a set A^^ of 



negative closed literals with P h — ^ — for u" a closed term, such that P 1/^^ 5 for all closed 

u *u" 

literals 6 denying a literal in A'^. Let be the set of positive and H~ the set of negative literals 
in H, and let A^ = U/3G-f/+ U H~ . Then P l/J^^ 5 for all closed literals S denying a literal in A^. 
By Lemma 9 there exists a substitution instance of a rule in P, where H' is obtained from 
by replacing the right-hand sides u' of its positive members by u" , and 7' denies a. Hence, P h y. 

□ 

Proposition 5 Let P = (S,P) be a standard TSS in decent xynft format. Then 

Phs a <^ Ph^s a. 

Proof: For "=^>" we prove P a ^ P a with induction to k. The case that k = or k is a 



limit ordinal is trivial. So suppose P 1"^^^ a, and consider the two cases provided by Definition 25 . 

Case 1: Let be a closed substitution instance of a rule in R with P /3 for all P G H. 
Then, by induction, P h^^ /3 for all P £ H, and hence P a. 

Case 2: Suppose case 2 of Definition 25| applies, i.e. for every closed substitution instance 



7 

of a rule in R with 7 denying a, H contains a literal P denying a closed literal 5 with P 5. As 
the induction hypothesis yields P <5 ^ P l-JJ,^ 5, and by definition P 6 ^ P l-JJ,^"^ case (ii) 
of Lemma 10| applies, and hence also case (i). It follows that P a. 



For "-4=" we prove P a ^ P a with induction to k, and a nested induction to the size 
of the left-hand side of a, i.e. to the largest number of nested function symbols in it. Again, the 
case that k = or k is a limit ordinal is trivial. So suppose P ^'^^ a, and consider the two cases 



provided by Definition 24 
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Case 1: Let be a closed substitution instance of a rule in R with P h'^^ f) for all P G H. 
Then, by induction, P /3 for all /3 G H, and hence P ct. 

Case 2: Suppose case 2 of Definition 24 applies. Let be a closed substitution instance of a 
rule r in i? with 7 denying a. By Lemma 10| , H must contain either a positive literal /3 denying a 
literal 6 with P h^"^^ 5, or a negative literal /3 denying a literal 6 with P S. In the latter case, 
the induction hypothesis gives P hg 5. In the former case, using that r is a decent xynft rule, the 
left-hand side of 5 (and (3) is smaller than the left-hand side of a (and 7), so the nested induction 
hypothesis allows to conclude that P 6. It follows that P hs a. □ 



The following counterexample shows that the restriction to decent xynft format is essential here. 
Example 1 Let A = {a}, let T, consist of the constant c, and let R be the decent ntyxt rule 



X 



y 



X 



No closed rule of the form where N contains only closed negative literals, is provable from 

c >u 

P = (S,ii). Hence, P c -f-^- However, since is a closed substitution instance of the rule 

c ►c 

in R, we have P 1/^ c 



This shows that Proposition 5 does not extend to rules in which the source is a variable, and 
explains why we needed Proposition 2. The example also applies when we change R into 

a 

X — >y 



This shows that [Proposition 5| does not extend to rules with free variables, and explains why we 
needed Proposition 2. When we change R into 



the example shows that Proposition 5 does not extend to ntyft rules, and explains why we needed 



Proposition 4| . In order to see that [Proposition 5| does not extend to rules with lookahead, let S 



consist of the constant c and the unary function symbol /, and let R be 

c ^ /(c) 



a a 
X > y > Z 



This time we obtain P \-^s f{c) -7^, but P !/« /(c) 



6.3 Reducing supported proofs to standard proofs 

We proceed to show that for any given standard TSS P = (S, R) in decent ntyft format there exists 
a TSS P"*" = (S, P"^) in decent ntyft format such that P a 44> P^ h a. Again, the translation of 
R into P+ preserves the ready trace, readiness and failure trace formats. The construction below 
uses the absence of lookahead in an essential way. 
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Definition 26 Let P = (S, R) be a TSS, t £ T(S) and a £ A. 

• cl{R) denotes the collection of closed substitution instances of rules in R. 

• R [{t — ^) denotes the set of rules in R with conclusion t — ^ u for some u G Tr(S). 

• pick{R,t -y^) denotes the collection of transition rules in which H is obtained by taking 
one premise from every rule in R[{t — ^). 

• deny{R) denotes the collection of rules obtained from R by changing in each rule every positive 
premise u — ^ u' into u and every negative premise u -y^ into u — ^ y, where the y are 
all different variables, not occurring elsewhere in the rule. (That there are that many different 
variables follows from [Lemma "6 ; if needed the variables in the rule that do not occur in its 



source may be renamed.) 

• prove{R,t -^) denotes deny{pick{R,t -/^)). 

• Let R be the union of cl{R) and all collections cl{prove{cl{R) , a)) for negative closed literals a. 

Note that cl{R) \{t -^) with t closed is the set of closed substitution instances of rules in R 
with 7 denying t Thus cl{prove{cl{R),a)), for a a negative literal, contains only closed rules 
such that for every closed substitution instance ^ a rule in R with 7 denying a, a literal in 
K denies a literal in H. Moreover, for every closed rule of the latter kind, there is a K' (1 K 
such that ^ G cl{prove{cl{R), a)) . From this we obtain: 

Lemma 11 Let P = {Y.,R) and P' = be TSSs with P standard and cl{R') = R. Then 

P"r a-i^ PhsO. □ 

Definition 27 A TSS P = (S, R) is in uniform ntyft format if it is in ntyft format and for every 
function symbol / € S there is a specific sequence of all different variables Xf = (xi, . . . ,Xar(f)), 
such that all sources of rules in R have the form f{xf) for some f £ T,. 

Let P be in uniform ntyft format. Then R'^ denotes the union of R and all collections 
prove{R, f{xf) -^) for / G S and a £ A. 

Example 2 Let A = {a, b} and let T, consist of the constant c and the binary function symbol /. 
Let R be: 



a xi — >y 
c — > c 



a b, 

X2 — >y xi 



Then R^ is R together with: 

f{xi,X2) 



f[xi,X2)-^y f{xi,X2)^y 



a, a, a, b 
Xl —/-^ X2 —f-^ X\ —/-^ X\ > Z 



f{xi,X2)-^ f{xi,X2)-^ 

Definition 28 Write r = r' for transition rules r and r' if they differ only through a bijective 
renaming of their variables {a- conversion) . Write R = R' ii for each r £ R there is an r' G R' with 
r = r' and vice versa. 

Write r r' for transition rules r and r' if they differ only in their targets and in the right-hand 
sides of their premises. Write i? ~ i?' if for each r G R there is an r' G R' with r k, r' and vice 
versa. 
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Note that for any TSS P = (S, R) in decent ntyft format there is a TSS P' = (S, R') in decent 
uniform ntyft format with R = R' . Moreover, P /3 4^ P' /? for any hteral /3; also P' is in 
ready trace/readiness/failure trace format iff P is. Finally note that \i R k, R' and all rules in R 
and R' have negative conclusions then deny{R) = deny(R'). 

Lemma 12 Let P = {T,,R) be a TSS in decent uniform ntyft format, and let o" be a closed 
substitution. Then (T(i?K/(x/) ^)) « d{R) KfT(/(f/)) ^). 

Proof: "C": If rule r £ R has conclusion f{xf) — ^ u then (T(r) G C c/(i?) has conclusion 

"5": Let r G Kc^(/(^/)) Then r = p(r') for r' e R and p a closed substitution, and 

the conclusion of r is a{f{xf)) — ^ u for some term n. As P is in uniform ntyft format this implies 
that the conclusion of r' is f{xf) u' for some term u', and = a{xi) for i = 1, . . . , ar{f). 

As r is decent, the left-hand sides of its premises contain no other variables than xi, . . . ,Xar(f)- 
Therefore r = p{r') « a{r') £ a{R K/(^/) ^))- ° 

Proposition 6 Let P = be a standard TSS in decent uniform ntyft format. Then also 

P"*" = (S, i?^) is in decent uniform ntyft format, and P^ \- a <^ P hg a. 



Proof: The first statement is immediate from the construction. For the second, using Lemma 11 



it suffices to show that cl{R^) = R. First of all, for any f £ Ti, a £ A and closed substitution a, 
a{pick{R,f{xf) -^)) = 

{ — '^^^^ a I H is obtained by taking one premise from each rule in Rlf{xf) — ^} = 

{ — — — I K is obtained by taking one premise from each rule in a(R [f(xf) —^)} — ^ 

{ — — — I K is obtained by taking one premise from each rule in cl(R) laifixf)) -^} = 

pzckidiR),aifixf)^)). 

Therefore, cl{R+) = cl{R) U UaeA U/es d{prove{R, f{xf) -^)) = 
cl{R)uUaeAUfesd{deny{pickiR,fixf) ^))) = 
cl{R)U[ja^A[JfeJ^d{deny{d{pick{R,f{xf) ^)))) = 
d{R) U\J^^A[Jf^j^d{deny{[J^.y^j,(^^^a{pick{R, fixf) -^)))) = 
d{R) U UaeA U/eE d{deny{\J^.Y^j,(^^^ pick{cl{R),a{f{xf)^)))) = 
cl{R) U UaeA U/es c^(deny(Uti,...,t^^(^)eT(s) pick{d{R), f{ti, tar(f)) -^))) = 
UUaeAU/6EUi,...,t„,(^)eT(s) d{deny{pick{d{R), f{ti, . . . ,t^^(^f)) -^))) = 
d(P) UUaeAU/6EUi,...,t,,(^)eT(E) d{prove{d{R),f{ti,. . . ,tar(f)) -^)) = 

d{R) U Ua a closed negative literal d{prOVe{d{R) , a)) =R. □ 

The following counterexample shows that absence of free variables is essential here. 

Example 3 Let A = {a}, let S consist of the constants a, c and e, and let R be the following 
collection of rules: 

a 

^ — 'y 



a 

c — >y 
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Note that P = {T,,R) is a standard TSS in uniform ntyft format. Clearly P \- c — ^ e and thus 
certainly P c — ^ e and thus P \/s c Nevertheless, i?+ would be R together with the rules 

e -/-^ and — ^ — > so we would have (S, h c 

c ' 



The following counterexample shows that absence of lookahead is essential too. 

Example 4 Let A = {a}, let S consist of the constants a and e and the unary function symbol /, 
and let R be the following collection of rules: 

a a, 

X — >y^ 



fix) y 

Again P = (S, R) is a standard TSS in uniform ntyft format. As there are no rules with conclusion 
e — ^ t for some term t, one obtains P e and hence P f{a) — ^ e. Nevertheless, i?"^ would 

be together with the rules e ^ — and ^ — , so we would have (S, h /(c) 

fix) ^ fix) 

It remains to show the relevant formats are preserved under the translation of R into . Recall 
that these formats were extended to non-standard TSSs in Definition 23| . 



Proposition 7 Let P = be a TSS in decent uniform ntyft format. If P is in ready trace 

format (resp. readiness format or failure trace format), then so is P^ = (S,ii"^). 



Proof: By pefinition 23 the statements for the ready trace and readiness formats are trivial. 



Let P be in failure trace format, let / G S and a G A, and let z be A- floating in a rule r in 
proveiR,fixf) -7^). In case z is the right-hand side of a positive premise, it is not polled in r. 
So assume z occurs in the source of r. As in the rules of R[{f{xf) — ^) the variable z is also 
A-floating, it is polled only in A-liquid positions in those rules, and only in positive premises. The 
same holds for the rules in pickiR, fixj) -y^). Hence in the rules of denyipickiR, fixf) -y^)) it is 
polled only in A-liquid positions in negative premises. □ 

The results of this section can now be combined as follows, extending the definition of R^ to TSSs 
(S, R) in ready simulation format. 

Definition 29 Let P = (S,i?) be a TSS in ready simulation format. Then P'^ = (S,i?^) is 
defined as the TSS obtained by subsequently 



convert P to ntyft format without lookahead following the construction in the proof of Prop. 2 



convert the result to decent ntyft format following the construction in the proof of Proposition 3| . 



convert the result to decent xynft format following the construction in the proof of Proposition 4 , 

convert the result to decent uniform xynft format by bijectively renaming the variables in each 
of its rules. 



and applying the construction of Definition 27 



Note that R^ is fully determined by R up to a-conversion. 

Corollary 3 Let P = (S,i?) be a standard TSS in ready simulation format. Then P~^ = (S,i?"'") 
is in decent ntyft format, P"*" h a <^ P a for all closed literals a, and if P is in ready trace 
format (resp. readiness format or failure trace format) then so is 
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7 Reducing decent ntyft rules to decent nxytt rules 

The following proposition says, for P a TSS in decent ntyft format, that for any function symbol / 
there are a number of decent nxyft rules with source /(xi, . . . , Xar{f)) irredundantly provable from P 
that are "just right" for /. Here "just right" means that for any (closed) literal /(ti, . . . ,tar{/)) 
or /(ii, . . . ,tar(f)) — > t' that is provable from P there is a (closed) proof using one of those rules 
as the last step. Moreover, the same holds not only for function symbols /, but for arbitrary open 
terms. If for an open term t with var{t) = {xi, . . . , we would introduce an n-ary function 
symbol ft such that ft{xi, . . . , x„) is just a shorthand for t, then P also irredundantly proves a set 
of decent nxyft rules that are just right for ft- 

Proposition 8| and its proof below can be read in four ways: pertaining to negative or positive 



literals (with the material pertaining only to positive literals enclosed in square brackets), and with 
and without the adjective "closed" . 

Proposition 8 Let P = (S,i?) be a TSS in decent ntyft format. If P h a{t) [resp. P h 
a{t) — ^ t'] for t a term, [t' a (closed) term] and a a (closed) substitution, then there are a decent 
nxytt rule [resp. ^ ] and a (closed) substitution a' with P hij-r -i- [resp. P hi„ ^ ], 

£ — -^-^ f,- -^il t,- / ■> t 

P h a'{H), a'it) = a{t) [and a'{u) = t']. 



Proof: First, suppose t is a variable. By default, the decent nxytt rule ^^r- [resp. ^— ^] is irre- 

t-/^ t >y 

dundantly provable from P. Let a' be a (closed) substitution with cr'{t) = a{t) [and cr'{y) = t']. 
Clearly, P h a'{t [resp. P h a'{t y)]. 

Next, suppose t = /(ti, . . . , t^^^j)). We apply structural induction to a (closed) proof vr of 
the literal a{t) [resp. a{t) — ^ t'] from P. Let r G i? be the decent ntyft rule and p be the 
(closed) substitution used at the bottom of vr, where r is of the form ^^fc 'Vklki^Kjuiwi-f^ieeL} ^^.^gp^ 

K^i/.|fcei^}uwg^|teL} j^ ^j^^^ ^ ^(^^^ for i = 1, . . . , ar{f), [p{v) = t'] and p{vk) ^ p{yk) 

f{xi,...,Xar(f)) *V 

for k £ K and p{wi) for £ £ L are provable from P by means of strict subproofs of vr. Since 
r is decent, var{yj.) ior k £ K and var{wi) for £ G L are included in {xi, . . . ,Xar(f)}- Let po be a 
substitution with po{xi) = tj for i = 1, . . . , ar{f). As p{xi) = a{ti) = a{pQ{xi)) for i = 1, . . . , ar{f), 
we have p{vk) = f7{po{vk)) for k £ K and p^wi) = a{po{we)) for i £ L. So a{po{vk)) p{yk) for 

k £ K and cr(/9o(w^)) for £ £ L are provable from P by means of strict subproofs of vr. According 
to the induction hypothesis, for k £ K there are a decent nxytt rule — and a (closed) 

Po('ffc) ►Mfc 

substitution a'^ with P hi„ ^''c^ — , P ^ cr'kiHk), (^kiPoi^k)) = (^{po{vk)) and o-fc(Mfc) = p{yk). 
Likewise, for £ £ L there are a decent nxytt rule — and a (closed) substitution a'^ with 

P ^irr — — ) P ^ ^ei^^t) and (T^(/3o(u'^)) = c7(po (""^^ )) • By Lemma 6| , we can choose the sets of 

variables in the right-hand sides of the positive premises in the Hk (for k £ K) and Hi (for £ £ L) 
pairwise disjoint, and disjoint from var(t). This allows us to define a (closed) substitution a' with: 

• cr'{z) = (t(z) for z £ var{t); 

• (t'{z) = (y'k{z) for right-hand sides z of positive premises in Hk for k £ K; 

• a'{z) = a'^{z) for right-hand sides z of positive premises in H^ for £ £ L. 
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Let 

H = \J Hk U \JH^. 

k&K teL 

Moreover, let pi be a substitution with pi{xi) = for z = 1, . . . , ar(/) and pi{yk) = Uk for k £ K. 
We verify that the rule -i- [resp. a ^ — ] together with the substitution a' satisfy the desired 

t >pi(d) 

properties. 

As var{vk) ^ {xi, . . . , X(,r(/)}, it follows that var{po{vk)) C var{t). Since a' and a agree on 
var{t), a'{po{vk)) = cr{po{vk)) = o■^(po(^'fc)) for k £ K. Thus, by the decency of ^^^^ — , a' and 

Po(ffe) 

(T^ agree on all variables occurring in this rule for k £ K. Likewise, a' and a'^ agree on all variables 
occurring in — for i G L. 

1. pi and pq agree on var{v].) C {xi, . . . so pi(ffc) = Po{i^k) for k£K. Likewise, pi{w() 
= poiwe) for ^ G L. Since P hi„ r, we have P hi„ pi{r) = {po(^fe)^nfc|fcgX}u{po(^.)^|tei^} 
[resp. iPoM^u,\k^K}u{p„{w,)4-\i&L} ^^ Furthermore, P hi„ for A: G if and P Hi„ 

t .pi(D) 

— ^ for ^ G L. As if = U ^fe U U He, it follows that P hi„ ;f - [resp. P hi„ „^ ]. 

2. The right-hand sides of the positive premises in any Hk or Hi are distinct variables. By 
construction, these sets of variables (one for every k £ K and £ £ L) are pairwise disjoint, 
and disjoint from var{t). Hence [resp. — ^ — ] is an ntytt rule. Since the premises in 

t — >pi(d) 

H originate from H/^ (for k £ K) and H^ (for i £ L), their left-hand sides are variables. This 
makes the rule an nxytt rule. The rule is decent by pi;emma"l . 



3. a' agrees with o"^ on variables in H^ for k £ K, and a' agrees with a'^ on variables in Hi for 
££L. Since P h a'f^{Hk) fov k £ K and P h a'^{Hi) for £ £ L, we conclude that P h ct'(/7). 

4. Since a' and a agree on var{t), cr'{t) = cr{t). 

5. [a'{pi{xi)) = a'{ti) = a{ti) = p{xi) for i = 1, . . . , ar{f). Moreover, since a' and o"^ agree on 
var{uk), (y'{pi{yk)) = <y'{uk) = (j'kiuk) = piVk) for k £ K. As var{v) C {xi, . . ■ ,Xar{f)}^ {Vk I 
A; G K}, it follows that (t'(pi(u)) = p{v) = t'.] □ 



Note the similarity between Lemma 7 and Proposition 8 and their proofs. The essential difference 



is that Lemma 7 employs a definition of "just right" that deals with transition rules with negative 



premises instead of mere literals. The price to be paid for that is that the constructed rules may 



contain arbitrary negative premises, instead of premises of the form x —f^. Furthermore Lemma 7 
deals only with standard TSSs (and does not mention the closed case). 

The following corollary will not be needed in the remainder of this paper; however it may be 
interesting in its own right. 



Corollary 4 Let P = (S, R) be a TSS in decent ntyft format. Then there exists a TSS P' = (S, P') 
in decent nxyft format such that P' h a <^ P h a for all closed literals a. Moreover if P is in ready 
trace format (resp. readiness format or failure trace format) then so is P'. 
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Proof: Let R' consist of all decent nxyft rules irredundantly provable from P. That P' h a 



P \- a follows immediately from Lemma 8. For the other direction we use structural induction 



on the source of a. So assume P \- a with a being f{ti, . . . , tar(f)) ~h' or /(ti, • • • , tar{f)) t' ■ 



By Proposition 5 there are a decent nxyft rule r = — — [resp. — s — ] and a 

substitution a' with P hirr r, P V- a'{H), a'{xi) = ti for i = 1, . . . ,ar{f) and a'{u) = t'. Thus 
r G B! . As r is a decent nxyft rule, the literals ct'(/3) with (3 £ H have the form ti — ^ v or ti -y^. 
Hence by induction P' h a'{H). Moreover, a'{r) = ^-^^ is a substitution instance of a rule in R', 
so P' h a. This concludes the proof of the first statement. The second is an immediate corollary 
of Lemmas |, |, | and |5|. □ 

8 Crux 

This section witnesses the proofs of Theorems 4-7; see Corollary 5. The bulk of this section consists 
of lemmas building up to this corollary. 

Definition 30 Let P = {T,,R) be a standard TSS in ready simulation format. A P-ruloid is a 
decent nxytt rule, irredundantly provable from P"*" = {T,,R~^). 

Lemma 13 Let P be a standard TSS in ready simulation format. Then P a{t) -/^ [resp. 
P ^ws t'] for t a term, [t' a closed term] and a a closed substitution, iff there are a P-ruloid 

-i- [resp. — ] and a closed substitution a' with P a'{H), (j'{t) = a{t) [and cr'{u) = t']. 



Proof: By Porollary 3 , P+ is in decent ntyft format and P+ h a <^ P a for all closed literals 



a. Using this, "if" follows immediately from Lemma 8 , and "only if" from Proposition 8| . □ 



The following definition assigns to each term and each observation in Ors a collection of mappings 
from variables to Ors- This construct plays a crucial role in the technical developments to follow. 
Intuitively, tp (ip) consists of observational reformulations of the P-ruloids with source i, that vali- 
date the observation ip for the term (7{t), for any closed substitution a, in terms of the observations 
that can be made for the terms ct(x) for x G var(t). 

Definition 31 Let P = (S, R) be a standard TSS in ready simulation format. Then -p^ : T(S) — > 
{Ors ^ r{V ^ Ors)) is defined by: 

• tp\T) = with tp{x) = T for x£V. 

• Ip £ tp^(a) iff there is a P-ruloid — ^ and ip : V ^ (D is given by 

i^i^) = f\ b A cT for X G var{t) 

ip{x) = T for x var{t). 

• ip £ tp^(aLp) iff there are a P-ruloid ^ and a x ^ u7}((p) and ip : V ^ <D is given by 

t yu 

{x^)(LH {x~^y)&H 

ip{x) = T for X var(t). 
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• tp\/\i^j(pi) = {Ai^ji/Ji I ipi e tp^{Lpi) for i E /}. 
When clear from the context, the subscript P will be omitted. 

It is not hard to see that if £ ^ ""^(v) then iIj{x) = T for all x var{t). 

Lemma 14 Let P = (S, R) be a standard TSS in ready simulation format. 

Let G (D. For any term t G Tr(S) and closed substitution a :V ^ P{^) one has 

O'it) \=p (f G tp^{ip) Vx G var{t) : cr{x) \=p '4j{x). 

Proof: With induction on the structure of ip. 

• 99 = T. In this case (j{t) |= T and for the only parameterized observation il) G t~^{T) one has 
(j{x) 1= "ipi^) = T for all x G var{t). 



Suppose a{t) |= a. Then P ^yjs a{t) by Definition 14 . Thus, by Lemma there must 
be a P-ruloid and a closed substitution a' with P h^g '^'{H) and o"'(t) = (T(t), i.e. 

* I— — 1 ~ 

(t'(x) = (t(x) for X G var(t). Define if) as indicated in [Definition 31| . By definition, ^ G t~^{a). 

Let X G var{t). For (x — > y) £ H one has P h^u^ — ^ '^'{y)i so o''(x) |= cT. Moreover, 

for (x -^) G H one has P a'{x) so (t'(x) |= h. Hence a{x) = cr'{x) |= ip{x). 

Now suppose that there is a ^ G t^^{a) such that cj(x) |= ^(x) for all x G var(t). This 

. n , . , {a: yi I i G X G t;ar(t)} U {x -^| j G Jr, x G 

means that there is a P-ruloid 

t 

such that ct(x) ^ A J A ^ var{t). Thus, for x G var{t) and i G I^, 

P — ^ for some tj G and for x G var{t) and j G Jx, P \~ws 0"(x) Let o"' 

be a closed substitution with !^^\ '^j^^^ for x G j;ar(t) Here we use that the 

fj (yjj = tj tor I £ Ix and x G var[t). 

variables x and are all different. Now P 1-^^,^ cr'(x) cr'iyi) for x G var{t) and i G /x, and 

P l~u)s '^'(a;) for X G var{t) and j G J^. So by [Lemma "l3| P which implies 

cr(t) = a'{t) 1= a. 

Suppose a{t) |= a(/9. Then by Definition 14 there is a t' G T(S) with P \-^s o-(t) ^ t' 
and t' 1= 99. Thus, by [Lemma 13| there must be a P-ruloid ^ and a closed substitution 

a' with P cr'{H), cr'{t) = a{t), i.e. cr'(x) = (t(x) for x G var{t), and (^'(m) = t'. Since 
(T'(n) ^ if, the induction hypothesis can be applied, and there must be a x £ ^ "'^('z') such 
that cr'{z) \= xi^) for all z G var{u). Furthermore (j'{z) \= x{^) — T for all z var{u). 
Now define ip as indicated in Definition 31. By definition, t/j G f^laif). Let x G var{t). For 
(x — ^ y) £ H one has P h^„s ^'(a;) — '^'{u) N x(y)) so cr'(x) \= cx{y)- Moreover, for 
(x -/^) G H one has P h^s ^"'(a^) so cr'(x) ^ 6. It follows that cr(x) = ct'(x) ^ il){x). 
Now suppose that there is a G t~^{aip) such that cr(x) |= il){x) for all x G var{t). This 

. n 1 ■ - yi M e -^i^> 2; G uar(t)} U {x j G J^;, a; G 
means that there is a P-ruloid 

r — > u _ 

and a parameterized observation x G u~^{ip) such that o"(x) ^ x{x) ^ /\ ^ /\ ^iXiUi) for 
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all X S var{t). It follows that, for x E var(t) and i & I^, P \~ws (^{x) ti for some E T'lS) 

with ti 1= yivi). Let u' be a closed substitution with "^/f^^ '^''^'^ p*^'^ ^ ^ var{t) 

' ^^^^ fT'(yi) = for i£lx and x E var{t). 

Here we use that the variables x and are all different. Now (t'{z) \= x{z) foi' ^ ^ var{u), 

using that u contains only variables that occur in the premises of the ruloid. Thus the 

induction hypothesis can be applied, and cr'{u) |= ip. Moreover, P \-y^s (^'{x) — ^ cr'iUi) for 

X E var{t) and i ^ Ix, and P <^'{x) for x E var{t) and j E Jr- So by Lemma 13 
P \-y^g cr'(t) — — ^ (^'{u), which implies a{t) = cr'^t) |= atp. 

• a{t) 1= /\i^jipi <^ : a{t) \= (pi <^ 3ipi^t'^{(pi) \/x ^ var{t) : a{x) \= ipi{x) <^ 

3ip£t-^{/\i^jipi) yx£var{t) : a{x) \= ip{x). □ 

Example 5 Let A = {a, b} and let S consist of the constant c and the unary function symbol /. 
Let R be: ^ 

a x y ^ ^ y 



fix) y fix) ^ f{y) 

Suppose ip £ f if ix))~^ (baT) . The only P-ruloid with a conclusion of the form /(/(x)) — ^ _ 
is . So ^(x) = xix) A 6x(y) with x G /(y)~^(oT). The only P-ruloid with a 

conclusion /(y) _ is T7T~~^~47T- ^° ^(y) = x'(^) bx'{z) with x' G /(2:)"nT). Since 

f{y) — ' f{z) 

x'iu) = x'iz) = T we have xiu) — bT. Moreover x uar(/(y)) implies xix) — T. Hence 
ipix) ^ 66T. 

By |Lemma 14 a closed term /(/(u)) can execute a b followed by an a iff the closed term u can 



execute two consecutive 6's. 

In order to arrive at the desired precongruence results we need to know that if a standard TSS 
is in the desired format N, and (/? is a potential A'^-observation of a closed term cT(t), then the 
observations of cr(x) for x E war(t) that determine whether or not <p is an A^-observation of o"(t) 
are also A^-observations. This is established in the following two lemmas. In fact, our formats have 
been found by investigating what was needed to make these lemmas hold. 

The work is divided over two lemmas. Lemma 1^ deals with those variables of t that are floating 



in the P-ruloids with source t. As the proof inductively refers to terms that can be thought of as 
successors of t after performing a number of actions, and as these terms may contain variables 
y representing successors of the arguments of t after performing several actions, the observations 
employed should be the ones from Definition 6. Lemma 16| extends this to arbitrary variables. As 



non-floating variables represent processes in their initial state only, that lemma may use the richer 



language of observations employed in Definition 7, which is much less cumbersome. This enables 



the absence of restrictions on non-floating variables in the definitions of the formats. 

Lemma 15 Let P = (S, R) be a standard TSS in ready simulation format, and let A be an unary 
predicate on arguments of function symbols in E. Let t E Tr(S), ip E Ors, "0 S tp^iif) and 
X E varit), such that x occurs only once in t, and at a A-liquid position. 

• If the rules in R'^ are A-ready trace safe and ip E Ort then tpix) E ©_rt- 
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• If the rules in 72+ are A-readiness safe and ip £ ©/j then ip{x) E O^j. 

• If the rules in are A- failure trace safe and ip £ Opt then 'ip(x) £ Oft- 

• If the rules in i?"*" are A-failure trace safe and ip £ Op then £ Op. 

Proof: Let P = {T,,R) be a standard TSS in ready simulation format, t £ T(E) and x £ var{t). 
Note that if if; £ t^^{a) then ip{x) has the form Ajej bj A /\j^(zk CfcT. Thus if '0 G i~^{Ai£i S^i) then 
has the form Aie/(AjeJi ^AkeKi CjfcT). The latter formula is equivalent to one of the form 
AjeJ' b'j A Afce-ftT' '^fcT. 

Furthermore note that if G t~^{aT) then has the form T A AjeJ^j A AkeK — 

Ajej bj A Afcex c^T. Here it is used that if x £ ^ ""^(T) for some u £ T(S) then x{x) = T. Thus if 
Ip £ t~^{Ai,^i CLiT) then 1/^(3;) is again equivalent to a formula of the form AjeJ' b'j A AkeK' ^'k~^ ■ 

Combining these observations it follows that ii if) £ t~^{f\^^jai A Ajej^jT) then also tl^ix) is 
equivalent to a formula of the form above. 

• Let the rules in i?+ be A-ready trace safe and ip £ Ort- We apply structural induction on ip. 
Take t £ T(i), tj; £ t~^{ip) and x £ var{t), such that x occurs only once in t, and at a A-liquid 
position. 

— In case ip = T we have tp{x) = T S (Drt- 

— Let (/? = Ai6/ a* AjeJ A if' with G O/jt- Then tl;{x) ^ Afcei^ cl A AfeL ^^^T A V'(a^), 
where ip' £ t~^{ip'). By induction ip'{x) £ Ort, and hence also ip{x) £ Ort- 

— Let (p = aip' with ip' £ Ort- Then there are a P-ruloid ^ and x ^ such that 

t — >u 

ip{x) = x{x) A /\b A /\ cx{y). 



By [Lemma 2| , x is propagated at most once in ^ , and only at a A-liquid position. This 

t >u 

implies that of the set of variables W = {x} U {y | 3c : (x — > y) £ H} at most one 
member, say z, occurs in variu). Since z is A-floating in ^ and occurs at most once in t, 

t >M 

Lemma 2 moreover guarantees that z occurs only once in u, and at a A-liquid position. By 
induction we obtain x{^) ^ ^RT- For all other variables w £W we have w var{u) and so 
X{w) = T. Thus ipix) is of the form Ajejbj A AkeK^k^ or x(^) A Ajajbj A AkeK ^k'^ or 
AjeJ bj A AkeK CfcT A cx(^) with ^(-z) G ©at- In all three cases ip{x) £ Ort. 

Let the rules in be A-readiness safe and ip £ Or. We apply structural induction on ip. 
Take t £ T(t), ip £ t~^{ip) and x £ var{t), such that x occurs only once in t, and at a A-liquid 
position. 

— In case 99 = T we have 'ip{x) = T S Or. 

— Let V? = Ai^iSi A AjdjbjT . Then ip{x) = AkeK Ck AAt^^L^eJ ^ '^R- 

— Let ip = aip' with ip' £ Or. Then there are a P-ruloid ^ and x £ ^""^(v'') such that 

t >u 

^{x) = x{x) A /\h A /\ cx{y). 

By Lemma 2, x is propagated at most once in ^ , and only at a A-liquid position. More- 
' ' t — 

over, by ILemma 31, x is not both propagated and polled in ^ . We consider three cases. 



34 



Precongruence Formats for Decorated Trace Semantics 



* Suppose X G var{u). Then x is propagated, so it occurs only once in u, and at a A-liquid 
position. By induction xi^) ^ Furthermore, H has no premises of the form x —/-^ or 
X — ^ y. Hence -il^ix) = x{^) ^ 

* Suppose X is propagated, but does not occur in u. Then x{^) — T. Furthermore, H 
contains no premises of the form x —/-^ and exactly one of the form x — > y, where 
y occurs in u. So '>\){x) = cx{y)- As y is A-floating in ^ and does not occur in 

t >M 

t, Lemma 2| guarantees that y occurs only once in u, and at a A-liquid position. By 



induction xiv) £ ©iJi so tp{x) € (Dr. 
* Suppose x is not propagated. Then none of the variables y with (x — ^ y) ^ H for some 
c £ A occurs in u. Hence for all those variables we have xiu) — T. Moreover x var{u) 
so x{^) — T. Thus ^p{x) is of the form AjeJ AkeK CfcT G ©ij. 

Let the rules in be A-failure trace safe and (/? G OiT^. We apply structural induction on 99. 
Take t G '^(t), ip G t~^{ip) and x G var{t), such that x occurs only once in t, and at a A-liquid 
position. 

— In case ip = T we have ^'(a;) = T G 0^;"^. 

— Let Lf = AiG/ ^ V'' with ip' G ©iT^- Then ^(x) = Aie/ ^i(a^) A ^'(x) where ^i{x) G t^-'^(aj) 
for i G / and ip'{x) G For i G I there is a P-ruloid such that 

V'i(x) = A ^ ^ A 



By Lemma 5 , has no premises of the form x — > y. Therefore ^i{x) = Aji^jbj- Further- 
more, by induction ip'{x) G ©ft, so ^(x) = /\i(ziipi{x) A Tp'{x) G ©ft- 
Let ip = a(f' with ip' G Oft- Then there are a P-ruloid ^ and x £ such that 

t >u 

^(x) = x(x) A /\ 6 A /\ cx(y). 

Using Lemmas ^ and^ the same case distinction as in the readiness case applies, and in the 
first two cases we find ip{x) G ©ft- Consider the third case, in which x is not propagated. 

Then x var{u) so x{x) — T. By Lemma 4, x is polled at most once in ^ , and in a 

b, " 



positive premise. Hence H contains no literals of the form x —/-^, and no more than one 
literal x — ^ y. If there is such a literal, y does not occur in u, so xiu) — T. Hence il){x) = T 
or ^(x) = cT. In both cases V'(a^) G ©ft- 

• The proof of the last statement (with ip £ ©f) is a trivial simplification of the previous one. 
This proof is left to the reader. □ 

Lemma 16 Let P = {T,,R) be a standard TSS in ready simulation format, t G 'n'(S), p G ©/?,§, 
Ip G tp^{(p) and x G var{t). Then 'ip{x) G ©'^5 and the following hold: 

• If P is in ready trace format and ip G ©^^ then ■ip{x) G ©^y- 

• If P is in readiness format and (p G ©^ then Tp{x) G ©'^. 

• If P is in failure trace format and ip G ©ft then ip{x) G ©ft- 



If P is in failure trace format and ip G ©^ then ijj{x) G ©p' 



Counterexamples 
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Proof: That tlj{x) S ^rs = ^rs immediate from the definitions. 

• Let P be in ready trace format and ip £ ^rt- We apply structural induction on ip. Take 
t e T{t), tp G t~'^i(p) and x € var{t). 

— In case ip = T we have ^(x) = T G Ort ^ ^rt- 

— Let 99 = Aie/ «i AjeJ A ^' with 99' E (Drt. Then ip{x) ^ Afcei<: Cfc A A^eL ^^^T A ^'(x), 
where ip' G t~^{ip'). Clearly E ©ijT for A; E and d^T E ©rt for £ G L. By induction 
'(/''(x) E O'rti s-'^cl hence also S ©r^. 

— Let = aip' with 99' E 0_rt- Then there are a P-ruloid ^ and x £ ^ ""^(v') such that 

t — >ji 

ipix) = xix) A /\ 6 A /\ cxiy). 

As P is in ready trace format, by Corollary 3| so is P^, so the rules in are A-ready trace 
safe for some unary predicate on arguments of function symbols A. The variables y with 



(x — ^ y) G H are A-floating in ^ and do not occur in t. Thus, by Lemma 2, each of 



them occurs at most once in u, and at a A-liquid position. In case y does not occur in u 



we have x{y) — T E Ort; otherwise [Lemma 15| yields x{y) ^ ©RT- Hence cx{y) E (Drt for 



each (x -—>■ y) E H. Clearly At ^ ^ ©iJTj and by induction x{x) E ©1^^. Therefore 

V'(x) E ©"^ 



-1/ 



— Let Lf = Aie/ V^i with (^j E ©rt for i E I. Then ?/;(x) = /\^^j%lji{x) with V'i(^) S t (v^j) for 
i G I. By induction (using the three cases treated above) ipi{x) E ©rt^ for i G I. Therefore 
V'(x) E ©^r. 

The proofs of the remaining three statements proceed in exactly the same way. □ 



Now we are ready to prove Theorems ^-0. In the light of Definition 15[ these theorems can be 



reformulated as in the following corollary, where N ranges over {ready simulation, ready trace, 
readiness, failure trace, failure} and failure format means failure trace format. 

Corollary 5 (Precongruence) Let P = {T,,R) be a standard TSS in format, t E 'n"(E) and 
a, a' closed substitutions. If (t(x) c'(x) for x E var{t), then a{t) cr'{t). 



Proof: By Corollary 1 we have to show that 0^{a{x)) Q Opf{a' (x)) for x E var[t) implies 



0%{a{t)) C 0%{a'{t)). Suppose 0%{a{x)) C 0%{a'{x)) for x E var{t). Let ^ E 0%{a{t)), 



i.e. (/9 E ©TV and ^ ip. By Lemma 14 3^ E t y'p) Vx E var{t) : a{x) |= ^(2^)- By 



Lemma 16| Vx E var{t) : 'ip{x) E ©^. Thus Vx E var{t) : -(/'(x) E ©^(^"(x)) C 0^(0"' (x)). Hence 



VxE var{t) : a'{x) |= ^/^(x). So by Lemma 14 o-'(t) |= It follows that ip E 0^{a'{t)), which had 



to be proved. □ 



9 Counterexamples 

This section presents a string of counterexamples of complete standard TSSs in ntyft/ntyxt format, 
to show that the syntactic restrictions of our precongruence formats are essential. In [|2^ a series 
of counterexamples can be found showing that the syntactic restrictions of the ntyft/ntyxt format 
are essential as well. 
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9.1 Basic process algebra 



The examples in this section assume basic process algebra [Q]. We assume a collection Act of 
constants, called atomic actions, representing indivisible behaviour, and two special constants: the 
deadlock S does not display any behaviour, while the empty process e |40| terminates successfully. 
Basic process algebra moreover includes function symbols _+_ and _•_ of arity two, called alternative 
composition and sequential composition, respectively. Intuitively, ti + t2 executes either ti or t2, 
while ti ■t2 first executes ti and upon successful termination executes t2- These intuitions are made 
precise by means of the standard transition rules for BPA^^ presented in [Table 1 , where the label 
V ranges over the set Act of atomic actions together with a special label ^/, representing successful 
termination. Note that this TSS is positive and in ready simulation format. It is not hard to check 
that the TSS is in failure trace format (and so by default in ready trace and readiness format), if 
we take at least the first argument of sequential composition to be liquid. In particular, in the first 
rule for sequential composition the floating variable y occurs in a liquid argument of the target, 
and in the second rule for sequential composition the floating variable xi is polled only once and 
not propagated. 



V 

xi — >y 



Xi + X2 



xi — >y 

Xi- X2 -^y ■X2 



y 



s^5 



X2 — >y 
xi + X2 y 



xi — > yi X2 — > y2 



Xi ■ X2 



y2 



Table 1: Transition rules for BPA^ 



Terms ti ■ t2 are abbreviated to tit2- Brackets are used for disambiguation only, assuming 
associativity of + and •, and letting • bind stronger than +. In the remainder of this section we 
assume that Act = {a, b, c, d}. Moreover, we assume unary function symbols / and h and a binary 
function symbol g. 



9.2 Lookahead 

The following counterexample shows that the ready simulation format (and its more restrictive 
analogues) cannot allow lookahead. 

Example 6 We extend BPA^^ with the following rule, containing lookahead: 

b c 

X — >yi yi — > y2 
fix) S 

It is easy to see that bd Qrs be + bd (so a fortiori bd Cat be + bd for N G {RT, R, FT, F}). The 
empty trace is a completed trace of f{bd) but not of f{bc + bd) (as /(6c + bd) 6). Hence, 
fibd) ^cT f{bc + bd) (and a fortiori f{bd) fibc + bd) for G {RS, RT, R, FT, F}). 
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9.3 Multiple propagations 

The following counterexample shows that the ready trace format (and its more restrictive analogues) 
cannot allow a liquid argument of the source to be propagated more than once in the left-hand 
sides of the positive premises. 

Example 7 Let the arguments of / and g be liquid. We extend BPA^g with the rules: 

a 6 6 c d 

X — > y X — > yi X — > y2 xi — > yi X2 — > y2 

fix) f{y) fix) ^ g{y,,y2) g{xi,X2) ^ 6 

In the second rule, the liquid argument x of the source is propagated in the left-hand sides of both 
premises. 

It is easy to see that a{bc + bd) Qjit abc + abd (so a fortiori a{bc + bd) Cjy abc + abd for 

N G {R, FT, F}). Note that abd is a trace of f{a{bc + bd)) (as f{a{bc + bd)) ^ f{bc + bd) 

g{c,d) — ^ 6), but not of f{abc + abd). Hence, f{a{bc + bd)) f{abc + abd) (and a fortiori 
f{a{bc + bd)) f {abc + abd) for N £ {RT , R, FT , F}). 

A similar example can be given to show that the ready trace format cannot allow a liquid argument 
of the source or a right-hand side of a positive premise to occur more than once in the target. 
Likewise, an example can be given to show that the ready trace format cannot allow a liquid 
argument of the source to be propagated in the left-hand side of a positive premise and at the same 
time to occur in the target. 



9.4 Propagation at a non-liquid position 



If in the example above the argument of / were defined to be frozen, then in the first rule the 
right-hand side y of the premise would occur in a non-liquid position in the target. This shows that 
the ready trace format cannot allow right-hand sides of positive premises to occur at non-liquid 



positions in the target. Variants of [Example 7] show that the ready trace format cannot allow liquid 
arguments of the source to be propagated at non-liquid positions either. 



Example 8 Replace the second rule in Example 7 by the two rules 



h{x) 



yi 



y2 



y 



h{x) — > g{yi,y2) 



Taking the arguments of / and g liquid, but that of h frozen, the resulting TSS sins against the 
ready trace format only in that in the first rule above the floating variable x is propagated at a 



non-liquid position, namely as argument of h. Clearly the same mishap as in Example 7 ensues. 



The same argument applies when replacing the second rule in [Example 7] by the two rules 



f{x) h{x) 



yi 



X 



2/2 



h{x) 



5(2/1,2/2) 
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The examples above show that if a floating variable x is propagated in a term f{x), then the 
argument of / should be classified as liquid. Furthermore, if x is propagated in a term f{h{x)), 
then both the argument of / and that of h should be classified as liquid. Namely, if only the argument 
of / would be liquid, a rule with conclusion h{x) — > g{x, x) could have fatal consequences, and if 
only the argument of h would be liquid, a rule with conclusion f{x) — > g{x,x) could be fatal. (It 
is left to the reader to fill in the details.) This justifies the definition of A- liquid in Section 4. 



9.5 Propagation in combination with polling 

The following counterexample shows that the readiness format cannot allow that a liquid argument 
of the source is both propagated and polled. (The TSS in this example is in a flawed congruence 
format for failure equivalence from |]20| .) 

Example 9 Let the arguments of / and h be liquid. We extend BPA^ with the rules: 

a b c d 

X — > y X — > y X — > y x — > y 

fix) f{y) /(^) JU h{x) h{x) ^ h{y) h{x) ^ 6 

In the second rule, the liquid argument x of the source is both propagated and polled. 

It is easy to see that a{b + cd) + ac and a{b + c) + acd are readiness and failure equivalent 
(but not ready trace or failure trace equivalent). Note that abed is a trace of f{a{b + cd) + ac) (as 
f{a{b + cd) + ac) -—>■ f{b + cd) — > h{b + cd) -—>■ h{d) — > 5), but not of f{a{b + c) + acd). Hence, 
f{a{b + cd) + ac) and f{a{b + c) + acd) are not even trace equivalent. 

It is easy to see that a{b + c) + ab + ac and ab + ac are failure trace and failure equivalent 
(but not ready trace or readiness equivalent). Note that abc is a trace of /(a(6 + c) + ab + ac) 

(as f{a{b + c) + ab + ac) f{b + c) — ^ h{b + c) — ^ h{e)), but not of f{ab + ac). Hence, 
f{a{b + c) + ab + ac) and f{ab + ac) are not even trace equivalent. 



9.6 Multiple pollings 

The following counterexample shows that the failure trace format cannot allow that a liquid argu- 
ment of the source is polled more than once. 

Example 10 Let the argument of / be liquid. We extend BPA^e with the rules: 

a be 

X — >y X — >yi x — >y2 

fix) ^ fiy) fix) ^ 5 

In the second rule, the liquid argument x of the source is polled in the two positive premises. 

We recall that a(6 + c) + ab + ac and ab + ac are failure trace and failure equivalent. Note 
that ad is a trace of /(a(6 + c) + ab + ac) (as /(a(6 + c) + ab + ac) /(6 + c) — > 5), but not of 
fiab + ac). Hence, /(a(6 + c) + ab + ac) and fiab + ac) are not even trace equivalent. 



9.7 Polling at a non-liquid position 

The following variant of pi^xample 10| shows that the failure trace format cannot allow that a liquid 
argument of the source is polled at non-liquid positions. 
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Example 11 Let the argument of / be liquid and the argument of h be frozen. We extend BPA^^ 
with the rules: 

a 7 / \ b b c 

X — >y h[x) — >y x — > yi x — > y2 



fix) fiy) f(^) 6 h{x) 6 

In the second rule, the liquid argument x of the source is polled at a non-liquid position. Clearly 



the same mishap as in Example 10 ensues. 



9.8 Polling in a negative premise 

The following counterexample shows that the failure trace format cannot allow that a liquid argu- 
ment of the source is polled in a negative premise. 

Example 12 Let the argument of / be liquid. We extend BPA^^ with the rules: 

a b, c, 

X > y X -/->■ X 



fix) ^ fiy) fix) 6 fix) 6 

In the second and third rule, the liquid argument x of the source is polled in the negative premise. 

We recall that a(6 + c) + ab + ac and ab + ac are failure trace and failure equivalent. Note that 
a is a completed trace of /(a(6 + c) + ab + ac) (as /(a(6 + c) + ab + ac) /(6 + c) -/->■), but not 
of fiab + ac). Hence, /(a(6 + c) +ab + ac) and fiab + ac) are not even completed trace equivalent. 



10 Applications 

This section contains some applications of our precongruence formats to TSSs from the literature. 



10.1 Priority 

Priority Q is a unary function symbol that assumes an ordering on transition labels. The term 
executes the transitions of t, with the restriction that a transition t' — ^ ti only gives rise to 
a transition — ^ 0(ti) if there does not exist a transition t' — > t2 with a < b. This intuition 



is captured by the rule for the priority operator in Table 2, which is added to the rules for BPA^ 



in Table L The resulting standard TSS is in ready simulation format. 



X 



V 



for V < w 



e(x) ^ Qiy) 



Table 2: Transition rule for priority 

As the floating variable y in the rule for priority is propagated in Qiy), the argument of @ has 
to be liquid. The floating variable x is propagated only once (and trivially at a liquid position). 
Hence the TSS for BFA^^ with priority is in ready trace format. 



Corollary 6 The ready simulation and ready trace preorders are precongruences with respect to 
BPAfe with priority. 
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The TSS for BPA^^ with priority is not in readiness format. Namely, in the case of a non-trivial 
ordering on transition labels, the floating variable x in the rule for priority is both propagated 
and polled. We show that the readiness, failure trace and failure preorders are not precongruences 
with respect to BPA^^ with priority. Recall that a(b + c) + acd and a(b + cd) + ac are readiness 
equivalent. If the ordering consists of c < 6, then acd is a trace of @{a{b + c) + acd) (as it can 
execute @{cd) -—>■ Q{d) — > 0(e)), but not of @{a{b + cd) +ac). Hence, @{a{b + c) +acd) and 
Q{a{b + cd) + ac) are not even trace equivalent. 

Clearly ab + a{c + d) + a{b + c + d) and ab + a{c + d) are failure trace equivalent. If the ordering 
consists of c < 6, then 0a{c}(i0 is a failure trace of @{ab + a{c + d) + a{b + c + d)) (as it can execute 
e{b + c + d) 0(e)), but not of e{ab + a{c + d)). Hence, Q{ab + a{c + d) + a{b + c + d)) and 
Q{ab + a(c + d)) are not failure trace equivalent. 



10.2 Initial priority 



Initial priority is a unary function symbol that assumes an ordering on transition labels. The term 
9{t) executes the transitions of t, with the restriction that an initial transition t — ^ ti only gives 
rise to an initial transition 0(t) — ^ ti if there does not exist an initial transition t — > t2 with 
a < b. This intuition is captured by the rule for the initial priority operator in p?able 3 , which is 
added to the rules for BPA^g in p?able 1 . The resulting standard TSS is in ready simulation format. 



V W, r 

X — > y X —f-^ lOY V <w 
y 



Table 3: Transition rule for initial priority 



We take the argument of initial priority to be frozen. Now the TSS for BPA^^ with initial 
priority is in failure trace format. Note that in the rule for initial priority the variable x, which is 
polled and propagated, is non-floating. 



Corollary 7 The ready simulation, ready trace, readiness, failure trace and failure preorders are 
precongruences with respect to BPA^^ with initial priority. 

In the case of a non-trivial ordering on transition labels, the rule for initial priority is outside de 
Simone's format, due to the presence of negative premises. 



10.3 Binary Kleene star 



The binary Kleene star ti*t2 [26| repeatedly executes ti until it executes t2- This operational 
behaviour is captured by the rules in Table 4 , which are added to the rules for BPA^^ in [Table 1| . 
The resulting positive TSS is in failure trace format if we take the first argument of sequential 
composition to be liquid and the first argument of the binary Kleene star to be frozen. Note that 
in the first rule for the binary Kleene star the floating variable y is propagated only once, at a 
liquid position, and not polled. Moreover in this rule the variable xi, which is propagated twice, is 
non-floating. 
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xi X2 — > y • (xi X2) xi X2 — >y 



Table 4: Transition rules for the binary Kleene star 



Corollary 8 The n- nested simulation (for n > 1), ready simulation, ready trace, readiness, failure 
trace and failure preorders are precongruences w.r.t. BPA% with the binary Kleene star. 

It was noted in that the second rule for the binary Kleene star does not fit the congruence format 
for ready trace equivalence from ||2^. Namely, in this rule the variables xi and y in the target are 
connected by the premise. Neither does this rule fit de Simone's format, due to the fact that xi 
occurs in the left-hand side of the premise and in the target. 



10.4 Sequencing 



Sequencing ti;t2 executes ti until it can do no further transitions, after which it starts executing ^2- 
Basic process algebra with sequencing contains the atomic actions in Act, alternative composition 
and sequencing, while the deadlock and the empty process are fused to a single constant 0. The 



transition rules for BPAq are presented in Table 5, where v and w range over Act. This standard 
TSS is in ready simulation format. The rules for sequencing were taken from M\. 



V 

V — 


> 






V 

xi — 


' y 




V 

X2 — >y 


Xl + X2 - 


V 


y 


Xl + X2 y 


V 

Xl — 


' y 




Xl -/^ for V G Act X2 — ^ y 


V 

xi;x2 — 


' y\ 


X2 


w 

xi;x2 — > y 



Table 5: Transitions rules for BPAr 



As the floating variable y in the first rule for sequencing is propagated in y; X2, the first argument 
of sequencing has to be liquid. In the first rule for sequencing the floating variable xi is propagated 
only once (and trivially at a liquid position), and not polled. In the second rule for sequencing the 
floating variable xi is not propagated, while the floating variable y is propagated only once (and 
trivially at a liquid position), and not polled. Hence the TSS for BPAq is in readiness format. 



Corollary 9 The ready simulation, ready trace and readiness preorders are precongruences with 
respect to BPAq. 

The TSS for BPAq is not in failure trace format. Namely, in the second rule for sequencing the 
floating variable xi is polled in negative premises. We show that the failure preorder is not a 
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precongruence with respect to BPAq. Let sequencing bind stronger than alternative composition. 
Clearly a; {b + c) + a;c + a and a; (6 + c) + a are failure equivalent. Note that (a, {b}) is a failure 

pair of (a; {b + c) + a; c + a);b (as it can execute 0; c; b -y^), but not of (a; (6 + c) + a); b. Hence, 
(a; (6 + c) + a; c + a); 6 and (a; (6 + c) + a); 6 are not failure equivalent. 

The failure trace preorder is a precongruence with respect to BPAq. Namely XqQiXi ■ ■ ■ anXn 
is a failure trace of q iff either X^aiXi ■ ■ ■ am-iXm-iCLm^ct is a failure trace of p for some m < n 
and XmCim+iXm+i • • • CLnXn is a failure trace of g, or XoOiXi • • • anXnb^ is a failure trace of p for 
some b £ Act. Thus sequencing is an example of an operator from the literature that preserves 
failure traces but that lies outside the scope of the failure trace format. 



10.5 Action refinement 



The binary action refinement operator ti[a — > t2] for atomic actions a, based on a similar operator 
in p^, replaces each a transition in ti by t2- 



Its transition rules are presented in Table 6 , which 
are added to the rules for BPAq in Table 5| . If we take the first argument of sequencing and of 
action refinement to be liquid and the second argument of action refinement to be frozen, then this 
standard TSS is in readiness format. Note that in the second rule for action refinement the floating 
variable yi is propagated at a liquid position, while the variable X2, which is propagated twice, is 
non-floating. 
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xi[v X2] y2; {yi[v X2]) 



Table 6: Transition rules for action refinement 



Corollary 10 The ready simulation, ready trace and readiness preorders are precongruences with 
respect to BPAq with action refinement. 

11 Partial traces 

The proof technique developed in this paper can be generally applied to generate a precongruence 
format for a preorder from the observational definition of this preorder. As an example we sketch 
how this technique yields a precongruence format for the partial trace preorder. The details are 
left to the reader. We say that a TSS is in partial trace format if it is positive and in failure trace 
format. 

Theorem 8 If a TSS is in partial trace format, then the partial trace preorder that it induces is 
a precongruence. 



The outline of the proof of [Theorem 8| is as follows. Assume a predicate A on arguments of function 
symbols over a signature S. We say that an ntytt rule is A-partial trace safe if it is A- failure trace 
safe and either its conclusion and premises are all positive, or they are all negative. In line with 
Lemmas we obtain: if P is a TSS in decent ntyft format of which the transition rules are A- 
partial trace safe, then any ntytt rule irredundantly provable from P is A-partial trace safe. As in 
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(S, R) is a standard TSS in partial trace format, then = (E, R'^) 
As in Lemma 15 we obtain: if the rules in R'^ 



a <^ P 



a. 



Corollary 3| we obtain: if P 
is in partial trace format and P 
are A-partial trace safe and ip £ ©r then -(/'(x) G ©y. (Note that, as observations a do not occur 
in ©r, the case ip S tp^{a) need not be considered.) As in Lemma It we obtain: if P is in partial 
trace format and 99 E ©'^^ then Tp{x) S ©'^. Finally, as in [Corollary 5| we obtain: if P is a standard 
TSS in partial trace format and (t{x) 0"'(x) for x G var{t) then a{t) This immediately 



implies p?heoreni~8 



In the precongruence format for the partial trace preorder one could in principle allow lookahead. 
We leave it as an open question whether the partial trace format extended with lookahead is indeed 
a precongruence format for the partial trace preorder. 

The following counterexample shows that in the case of the partial trace preorder, the restriction 
to positive TSSs in the partial trace format is essential. 

Example 13 Let the argument of / be frozen. We extend BPA^^ with the rule: 

b, 

X 



fix) ^ 6 



Clearly a Qt a + b. Note that c is a trace of /(a) (as f{a) — ^ 6), but not of f{a + b). Hence, 
f{a)^T f{a + b). 

According to the following theorem, in the case of partial trace equivalence one can allow TSSs 
with negative premises. 

Theorem 9 If a standard TSS is in failure trace format, then the partial trace equivalence that it 
induces is a congruence. 



The outline of the proof of Theorem £ is as follows. Let © consist of all formulas 



{ip G ©r~ I P 1= V?}- If P Qt q and q \= Aj^^jaj 
{q). As in Lemma 15 we obtain: if the rules in 



with G ©r and aj G A. Let Oj^{p) :- 
then p \= AjejS^- Thus p =t <? iff O'^ijp) 
R^ are A- failure trace safe and (/? G ©t then tp{x) G ©t- As in [Lemma TB we obtain: if P is in 
failure trace format and if G then ^(x) G Oj^. Finally, as in [Corollary 5| we obtain: if P is 
a standard TSS in failure trace format and a{x) =^ cr'(x) for x G var{t) then a{t) =^ cr'(t). This 



immediately implies Theorem 9 



12 Conservative extension 

Traditionally, papers on congruence formats also introduce syntactic restrictions on TSSs to ensure 



that one TSS is a conservative extension of another ||l^, [2^, 24]. Here, we extend results on con- 
servative extension from those three papers to incomplete TSSs, building on propositions obtained 
in earlier sections. However, since these propositions were proved for incomplete TSSs in ready 
simulation format only, our conservative extension result is restricted to that format. 
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Definition 32 Let Pi = and P2 = {T,2,R2) be standard TSSs with Si C T,2- P2 is said 

to be a conservative extension of Pi if P2 a <^ Pi h^s ol for any closed S2-literal a whose 
left-hand side is a term over Si. 



This definition is equivalent to the ones in |1C, 24 1, except that there only the case is considered 
where R\ C 

Lemma 17 Let Pi = (Si, Pi) and P2 = (S2,P2) be TSSs with Si C S2 and Pi C P2, such that 
each rule in Pi is decent and each rule in P2 — Pi has a function symbol / G S2 — Si in its source. 
Then P2 hirr f ^ Pi ^irr f for any transition rule — over S2 whose source is a term over Si. 
Thus in particular P2 h a 44> Pi h a for any S2-literal a whose left-hand side is a term over Si. 

Proof: "<^": Trivially, any proof of from Pi is also a proof of from P2. 

with induction on the structure of irredundant proofs. Let tt be an irredundant proof of 
— from P2. We show that tt is also an irredundant proof of — from Pi. Let K be the set of labels of 
the nodes directly above the root node g of vr (which is labelled with a). Then ^ is a substitution 
instance of a transition rule p in P2. As the left-hand side of a is a term over Si, the rule p must 
be in Pi. Thus p is decent, which implies that all variables occurring in the left-hand sides of its 
premises also occur in its source. Therefore, any function symbol occurring in the left-hand side of 
a literal in K also occurs in the left-hand side of a and hence belongs to Si. For all /3 G i^T there is 
an irredundant proof 7r/3, which is a proper part of vr, of a rule from P2. We have U/36K -^/3 ~ 
Moreover, the left-hand side of /? is a term over Si. So, by induction, vr^ is an irredundant proof of 
/3 from Pi for all [3 ^ K. Thus /3 is a Si-literal. As p is decent, all variables occurring in its target 
also occur in its source or in one of its premises. Therefore, any function symbol occurring in the 
right-hand side of a also occurs in its left-hand side or in and hence belongs to Si. Hence vr is 
an irredundant proof of a from Pi . □ 

Theorem 10 Let Pi = (Si, Pi) and P2 = (S2,P2) be standard TSSs in decent ntyft format with 
Si ^ S2 and Pi C P2, such that each rule in P2 — P has a function symbol / G S2 — Si in its 
source. Then P2 is a conservative extension of Pi. 

Proof: Let Pi = (Si, Pi) and P2 = (S2,P2) be as stipulated. Let P[ = (Si,P'i) and Pg = 
(S,P2) be the TSSs in decent xynft format obtained from Pi and P2 as indicated in the proof 
of [Proposition 4 : P'j^ (resp. R'2) consists of all decent xynft rules irredundantly provable from Pi 



(resp. P2). Now clearly P'l C R^, and by Lemma 17 each rule in P2 — P'l has a function symbol 



/ G S2 — Si in its source. By means of a coordinated bijective renaming of the variables in R'^ and 
P2 we obtain TSSs in decent uniform xynft format P{' and P2' that still satisfy the stipulations of 



Theorem 10| . On these the construction of Definition 27 may be applied to obtain P^ = (S, R^ 



and P2~ = (^2) -^2^)- By Definitions ^ and 27 we have C P^ and each rule in Pj — has 



a function symbol / G S2 — Si in its source. Thus, by Propositions ^ || and ^ and Lemma 17 



we 



have P2 ^ws a ^ P2 ^ws a <^ Pj a 44> Pj' a Pg*" h a <^ P+ h a <^ • • • 44> Pi h^s « for any 
closed S2-literal a whose left-hand side is a term over Si. □ 



13 Possible extensions 



In this paper we have presented precongruence formats for a range of preorders, which are a fortiori 
also congruence formats for the induced equivalences. We are not aware of any further plausible 
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extensions of the precongruence formats (apart from conceptual extensions such as higher-orderness 
and syntactic sugar such as predicates and terms as transition labels). 

It may be possible to formulate more liberal congruence formats for ready simulation equivalence 
and the decorated trace equivalences. Namely, one could in principle allow lookahead for frozen 
arguments of the source. To be more precise, one could (re)define that an occurrence of a variable in 
an ntytt rule is propagated if the occurrence is either in the target or in the left-hand side of a positive 
premise of which the right-hand side is polled or propagated. Furthermore, one could define that a 
positive premise in an ntytt rule has lookahead if its right-hand side occurs in the left-hand side of 
some premise in this rule. Assume a predicate A on arguments of function symbols. Then a standard 
ntytt rule is A-ready simulation equivalence safe if each A-floating variable is only propagated at 
A-liquid positions, and not in positive premises with lookahead. A standard ntytt rule is A-ready 
trace equivalence safe if moreover each A-floating variable is propagated at most once, at a A-liquid 
position. A standard ntytt rule is A-readiness equivalence safe if moreover each A-floating variable is 
not both propagated and polled. A standard ntytt rule is A-failure trace equivalence safe if moreover 
each A-floating variable is polled at most once, at a A-liquid position in a positive premise. A TSS 
is in N equivalence format (for N E {ready simulation, ready trace, readiness, failure trace}) if it is 
in ntyft/ntyxt format and its rules are A-A'^ equivalence safe with respect to some A. 

We leave it as an open question whether these four formats are indeed congruence formats for 
ready simulation equivalence, ready trace equivalence, readiness equivalence, failure trace equiv- 
alence and failure equivalence. The proof technique employed in this paper uses the absence of 
lookahead in an essential way. In particular, as illustrated by Example 4, the construction of 
in Section 6| only works in the absence of lookahead. So the open question cannot be answered 



by a simple adaptation of the precongruence proofs in this paper. Example 6 shows that the 
precongruence formats cannot allow lookahead. 
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